Zdravím,
poprosil bych o kontrolu logu. Nějak mi začal lagovat počítač a chtěl bych vyloučit vir.
Logfile of random's system information tool 1.10 (written by random/random)
Run by jakub at 2020-02-01 15:40:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 27 GB (18%) free of 153 GB
Total RAM: 16351 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:40:24, on 1.2.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19355)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Users\jakub\Desktop\adwcleaner_4.107.exe
C:\Program Files\trend micro\jakub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: Check Point Endpoint EFR (CPEFR) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
O23 - Service: Check Point Sandblast Agent Cipolla (CpSbaCipolla) - Unknown owner - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service: Check Point Sandblast Agent Updater (CpSbaUpdater) - Unknown owner - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Check Point Endpoint Remediation (RemediationService) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: Check Point SandBlast Agent Threat Emulation (TESvc) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ZoneAlarm ICM NET Service (ZA NET ICM Service) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
O23 - Service: ZAAR Update Service (ZAARUpdateService) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 14456 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
taskeng.exe {FB4435A2-3CF4-4E69-8584-DB3BAE52BC18}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe"
"C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe"
"C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTimeOptimizer.exe" -norestore
\??\C:\Windows\system32\conhost.exe "6306582391764200124-1390181197-1145138815-900750504-265698028-717460596-653599054
"C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe"
"C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2760
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000b74
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5612.0.1757843171\1619979130" -parentBuildID 20200117190643 -prefsHandle 1152 -prefMapHandle 1144 -prefsLen 1 -prefMapSize 373545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5612 "\\.\pipe\gecko-crash-server-pipe.5612" 1244 gpu
"C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5612.3.1078221500\289542444" -childID 1 -isForBrowser -prefsHandle 1620 -prefMapHandle 1760 -prefsLen 158 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5612 "\\.\pipe\gecko-crash-server-pipe.5612" 1660 tab
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5612.13.245385622\303928951" -childID 2 -isForBrowser -prefsHandle 2812 -prefMapHandle 2808 -prefsLen 6314 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5612 "\\.\pipe\gecko-crash-server-pipe.5612" 2824 tab
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" --type=collab-renderer --proc=3204
"C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5612.20.947555768\1085515572" -childID 3 -isForBrowser -prefsHandle 3260 -prefMapHandle 3256 -prefsLen 6378 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5612 "\\.\pipe\gecko-crash-server-pipe.5612" 3276 tab
"C:\Program Files\Rainmeter\Rainmeter.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5612.27.1278046689\1780142009" -parentBuildID 20200117190643 -prefsHandle 3836 -prefMapHandle 3864 -prefsLen 7137 -prefMapSize 373545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5612 "\\.\pipe\gecko-crash-server-pipe.5612" 2824 rdd
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe"
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Motive\McciCMService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe" -s
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe" /verysilent /nostart /norestart /suppressmsgboxes
"C:\Windows\TEMP\is-OUI0C.tmp\avira_speedup_setup_update.tmp" /SL5="$B0034,27181987,257024,C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe" /verysilent /nostart /norestart /suppressmsgboxes
"C:\Windows\SYSTEM32\WISPTIS.EXE" /ManualLaunch;
C:\Windows\system32\DeviceDisplayObjectProvider.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5612.31.1628894742\1114439291" -childID 4 -isForBrowser -prefsHandle 3672 -prefMapHandle 1620 -prefsLen 7847 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5612 "\\.\pipe\gecko-crash-server-pipe.5612" 3792 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="5612.45.1089861059\1334916443" -childID 6 -isForBrowser -prefsHandle 7944 -prefMapHandle 3612 -prefsLen 7847 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 5612 "\\.\pipe\gecko-crash-server-pipe.5612" 3556 tab
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Users\jakub\Desktop\adwcleaner_4.107.exe"
"C:\Users\jakub\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000Core.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000UA.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\EPSON L365 Series Update {AE4F56D3-2240-448A-A7B8-AAEC33E384DF}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE /EXE:"{AE4F56D3-2240-448A-A7B8-AAEC33E384DF}" /F:"Update"
=========Mozilla firefox=========
ProfilePath - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "resource://firefox-at-usepanda-dot-com/data/index.html"
"web2pdfextension.17@acrobat.adobe.com"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.321 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.321 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\extensions\
staged
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13 210632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-01-13 993152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-01-13 694872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19 141496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2019-01-22 2410968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2019-11-19 24552064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2019-11-19 24552064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Discord]
C:\Users\jakub\AppData\Local\Discord\app-0.0.301\Discord.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EpicGamesLauncher]
C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2020-01-30 36098448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GalaxyClient]
C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [2019-05-06 7606344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-12-11 563416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jakub^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe [2020-01-23 6261760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KNet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Program Files (x86)\System Explorer\SystemExplorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-02-01 14:38:43 ----D---- C:\Users\jakub\AppData\Roaming\wtablet
2020-02-01 14:36:02 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2020-02-01 14:35:57 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2020-02-01 14:32:14 ----D---- C:\Program Files\TabletPlugins
2020-02-01 14:31:55 ----A---- C:\Windows\system32\drivers\wacomrouterfilter.sys
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\wdfcoinstaller01009.dll
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\wachidrouter.sys
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\hidkmdf.sys
2020-01-28 10:10:13 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2020-01-23 11:28:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2020-01-08 11:21:06 ----A---- C:\Windows\system32\drivers\phantomtap.sys
2020-01-02 19:50:20 ----HD---- C:\ProgramData\CanonBJ
2020-01-02 19:50:17 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2020-01-02 19:50:15 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2020-01-02 19:50:15 ----A---- C:\Windows\SYSWOW64\CNC_ATU.dll
2020-01-02 19:50:15 ----A---- C:\Windows\SYSWOW64\CNC_ATL.dll
2020-01-02 19:50:15 ----A---- C:\Windows\system32\CNHMCA6.dll
2020-01-02 19:50:15 ----A---- C:\Windows\system32\CNC_ATL.dll
2020-01-02 19:50:15 ----A---- C:\Windows\system32\CNC_ATI.dll
2020-01-02 19:50:15 ----A---- C:\Windows\system32\CNC_ATC.dll
2020-01-02 19:50:07 ----A---- C:\Windows\system32\CNMLMAT.DLL
2020-01-02 19:50:05 ----A---- C:\Windows\system32\CNMIUAT.DLL
2020-01-02 19:50:05 ----A---- C:\Windows\system32\CNC_ATO.dll
2020-01-02 19:50:01 ----HD---- C:\Program Files\CanonBJ
======List of files/folders modified in the last 1 month======
2020-02-01 15:40:24 ----D---- C:\Program Files\trend micro
2020-02-01 15:40:23 ----D---- C:\Windows\Temp
2020-02-01 15:40:22 ----D---- C:\rsit
2020-02-01 15:37:00 ----D---- C:\Windows\SYSWOW64\Macromed
2020-02-01 14:49:34 ----D---- C:\Windows\system32\config
2020-02-01 14:42:14 ----D---- C:\Windows\System32
2020-02-01 14:42:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-02-01 14:42:09 ----D---- C:\Program Files (x86)\Steam
2020-02-01 14:42:08 ----D---- C:\Windows\inf
2020-02-01 14:42:08 ----D---- C:\Windows
2020-02-01 14:36:02 ----D---- C:\Windows\system32\drivers
2020-02-01 14:35:37 ----D---- C:\ProgramData\NVIDIA
2020-02-01 14:32:16 ----D---- C:\Program Files (x86)\TabletPlugins
2020-02-01 14:32:14 ----RD---- C:\Program Files
2020-02-01 14:32:02 ----D---- C:\Windows\system32\DriverStore
2020-02-01 14:31:55 ----D---- C:\Program Files\Tablet
2020-02-01 14:31:30 ----D---- C:\Windows\SysWOW64
2020-02-01 00:19:33 ----D---- C:\Users\jakub\AppData\Roaming\obs-studio
2020-01-31 13:38:27 ----SHD---- C:\System Volume Information
2020-01-31 13:22:29 ----D---- C:\Program Files\Defraggler
2020-01-31 12:56:23 ----D---- C:\Windows\system32\LogFiles
2020-01-31 12:34:54 ----D---- C:\Users\jakub\AppData\Roaming\com.madebysource.subtlepatterns
2020-01-31 12:34:53 ----D---- C:\Users\jakub\AppData\Roaming\subtlepatterns.com
2020-01-31 11:56:17 ----D---- C:\Windows\system32\catroot2
2020-01-31 11:51:47 ----D---- C:\Users\jakub\AppData\Roaming\Stardock
2020-01-31 11:51:46 ----D---- C:\ProgramData\NVIDIA Corporation
2020-01-31 11:51:43 ----SHD---- C:\Windows\Installer
2020-01-31 11:51:42 ----D---- C:\Windows\Panther
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\slobs-client
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\Kopsik
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\FEZ
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\ActiveDossierUploader
2020-01-31 11:51:35 ----D---- C:\Windows\system32\Msdtc
2020-01-31 11:51:35 ----D---- C:\Program Files\WOT replay analyser
2020-01-31 11:51:35 ----D---- C:\Program Files (x86)\Origin
2020-01-31 11:51:35 ----D---- C:\Program Files (x86)\FontForgeBuilds
2020-01-31 11:51:33 ----D---- C:\Windows\Logs
2020-01-31 11:51:33 ----D---- C:\Temp
2020-01-31 11:51:32 ----D---- C:\Users\jakub\AppData\Roaming\Skype
2020-01-31 11:51:30 ----D---- C:\Users\jakub\AppData\Roaming\discord
2020-01-31 11:51:29 ----D---- C:\Windows\Downloaded Program Files
2020-01-31 11:51:23 ----D---- C:\ProgramData\EA Logs
2020-01-31 11:50:42 ----RD---- C:\Program Files (x86)
2020-01-31 11:50:39 ----D---- C:\Windows\Help
2020-01-31 11:50:32 ----D---- C:\Windows\SYSWOW64\LogFiles
2020-01-30 15:57:09 ----D---- C:\Users\jakub\AppData\Roaming\Surviving Mars
2020-01-30 12:03:18 ----D---- C:\Program Files (x86)\Battle.net
2020-01-30 10:12:54 ----D---- C:\Program Files\LibreOffice
2020-01-30 10:12:48 ----SHD---- C:\Config.Msi
2020-01-30 09:46:28 ----RSD---- C:\Windows\Fonts
2020-01-29 21:52:24 ----D---- C:\Users\jakub\AppData\Roaming\The Witness
2020-01-29 09:46:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-28 21:08:46 ----D---- C:\Windows\system32\Tasks
2020-01-28 15:17:04 ----D---- C:\Windows\winsxs
2020-01-28 14:22:40 ----D---- C:\ProgramData\Avira
2020-01-28 14:22:40 ----D---- C:\Program Files (x86)\Avira
2020-01-28 14:20:33 ----D---- C:\Windows\Microsoft.NET
2020-01-28 14:09:51 ----D---- C:\ProgramData\Package Cache
2020-01-26 10:26:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-01-26 10:26:02 ----D---- C:\Program Files (x86)\Microsoft Office
2020-01-23 10:42:05 ----D---- C:\Users\jakub\AppData\Roaming\Dropbox
2020-01-23 00:54:52 ----D---- C:\Users\jakub\AppData\Roaming\vlc
2020-01-21 19:48:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2020-01-21 19:48:05 ----D---- C:\Windows\system32\Macromed
2020-01-16 19:20:18 ----D---- C:\Windows\debug
2020-01-15 18:42:22 ----D---- C:\Users\jakub\AppData\Roaming\Thunderbird
2020-01-15 10:42:09 ----D---- C:\Windows\system32\MRT
2020-01-15 10:37:15 ----AC---- C:\Windows\system32\MRT.exe
2020-01-15 10:35:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2020-01-03 21:01:31 ----RSD---- C:\Windows\assembly
2020-01-02 19:50:31 ----RSD---- C:\Windows\Media
2020-01-02 19:50:30 ----D---- C:\Windows\twain_32
2020-01-02 19:50:20 ----HD---- C:\ProgramData
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2019-06-15 68152]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2019-10-06 175808]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2019-02-26 36072]
R1 CPEPMon;CPEPMon; C:\Windows\system32\DRIVERS\CPEPMon.sys [2019-11-05 110880]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 epnetflt;Endpoint Security Network Filter Driver; \??\C:\Windows\system32\drivers\epnetflt.sys [2019-10-06 130336]
R1 epregflt;Endpoint Security Registry Filter Driver; \??\C:\Windows\system32\drivers\epregflt.sys [2019-05-01 132176]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2017-04-13 461240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2019-12-27 222888]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-07-13 78600]
R2 cpbak;cpbak; C:\Windows\system32\DRIVERS\cpbak.sys [2019-11-05 66848]
R2 ISWKL;ISWKL; \??\C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [2019-08-12 65264]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2020-02-01 214496]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-08-06 14136]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2020-02-01 248968]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-12-07 228792]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-10-01 74576]
R3 phantomtap;Phantom TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\phantomtap.sys [2020-01-08 35664]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2014-08-06 102200]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2014-08-06 15160]
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys []
S3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys []
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-10-08 3147344]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-10-08 2914896]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2019-12-27 484768]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2019-12-27 484768]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2020-01-15 617520]
R2 AviraOptimizerHost;Avira Optimizer Host; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2020-01-08 2989536]
R2 AviraPhantomVPN;Avira Phantom VPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2020-01-08 379624]
R2 AviraSecurity;Avira Security; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [2020-01-22 240408]
R2 AviraUpdaterService;Avira Updater Service; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2019-12-23 150648]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-01-07 11164232]
R2 CPEFR;Check Point Endpoint EFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2019-11-27 2825976]
R2 CpSbaCipolla;Check Point Sandblast Agent Cipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [2019-10-29 33016]
R2 CpSbaUpdater;Check Point Sandblast Agent Updater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [2019-10-29 33016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2019-12-28 6960640]
R2 McciCMService;McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-12-07 860608]
R2 RemediationService;Check Point Endpoint Remediation; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [2019-11-04 18168]
R2 TESvc;Check Point SandBlast Agent Threat Emulation; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [2019-11-04 301304]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2018-05-18 4292984]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2019-12-27 1210168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-08-19 154920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-01-21 335416]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-01-26 803456]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2019-05-06 791112]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2019-05-06 7172680]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe [2020-01-16 1113072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-08-19 154920]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-04-25 116224]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-01-23 244936]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-11-10 2123104]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 214832]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-01-06 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-01-18 1756624]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-30 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2020-01-21 574848]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-11-10 3002728]
S4 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2019-12-30 66872]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola Rsit logu, laguje počítač
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola Rsit logu, laguje počítač
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kontrola Rsit logu, laguje počítač
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-01-2020
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1331 octets] - [10/04/2019 16:47:02]
AdwCleaner[C00].txt - [1479 octets] - [10/04/2019 16:47:41]
AdwCleaner[S01].txt - [1535 octets] - [01/02/2020 16:46:58]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-01-2020
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1331 octets] - [10/04/2019 16:47:02]
AdwCleaner[C00].txt - [1479 octets] - [10/04/2019 16:47:41]
AdwCleaner[S01].txt - [1535 octets] - [01/02/2020 16:46:58]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola Rsit logu, laguje počítač
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
:commands
[purity]
[emptytemp]
[emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kontrola Rsit logu, laguje počítač
All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1\\Description not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect\\Description not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: jakub
->Temp folder emptied: 8179568 bytes
->Temporary Internet Files folder emptied: 3114522 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1090777946 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 59586 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65102276 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 143537036 bytes
Total Files Cleaned = 1 250,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: jakub
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 02022020_135356
Files moved on Reboot...
C:\Users\jakub\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\jakub\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\is-URNER.tmp\avira_speedup_setup_update.tmp moved successfully.
C:\Windows\temp\is-ABEB4.tmp\Avira.Optimizer.Common.Native.Library.dll moved successfully.
C:\Windows\temp\adobegc.log moved successfully.
C:\Windows\temp\JAKUB-PC-20200202-1012.log moved successfully.
C:\Windows\temp\mat-debug-2656.log moved successfully.
File C:\Windows\temp\officeclicktorun.exe_streamserver(20200202101232A60).log not found!
File C:\Windows\temp\ZLT01bb2.TMP not found!
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1\\Description not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect\\Description not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: jakub
->Temp folder emptied: 8179568 bytes
->Temporary Internet Files folder emptied: 3114522 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1090777946 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 59586 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65102276 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 143537036 bytes
Total Files Cleaned = 1 250,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: jakub
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 02022020_135356
Files moved on Reboot...
C:\Users\jakub\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\jakub\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\is-URNER.tmp\avira_speedup_setup_update.tmp moved successfully.
C:\Windows\temp\is-ABEB4.tmp\Avira.Optimizer.Common.Native.Library.dll moved successfully.
C:\Windows\temp\adobegc.log moved successfully.
C:\Windows\temp\JAKUB-PC-20200202-1012.log moved successfully.
C:\Windows\temp\mat-debug-2656.log moved successfully.
File C:\Windows\temp\officeclicktorun.exe_streamserver(20200202101232A60).log not found!
File C:\Windows\temp\ZLT01bb2.TMP not found!
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kontrola Rsit logu, laguje počítač
Logfile of random's system information tool 1.10 (written by random/random)
Run by jakub at 2020-02-02 14:01:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (18%) free of 153 GB
Total RAM: 16351 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:10, on 2.2.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19355)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Program Files\trend micro\jakub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: Check Point Endpoint EFR (CPEFR) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
O23 - Service: Check Point Sandblast Agent Cipolla (CpSbaCipolla) - Unknown owner - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service: Check Point Sandblast Agent Updater (CpSbaUpdater) - Unknown owner - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Check Point Endpoint Remediation (RemediationService) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: Check Point SandBlast Agent Threat Emulation (TESvc) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ZoneAlarm ICM NET Service (ZA NET ICM Service) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
O23 - Service: ZAAR Update Service (ZAARUpdateService) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 14334 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
taskeng.exe {413CF4E9-36E3-422B-8803-E80AD4C13736}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe"
"C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe"
"C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTimeOptimizer.exe" -norestore
\??\C:\Windows\system32\conhost.exe "-1423984307-137106099620978780291345860096-830971481-184752854117460221331319620575
"C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe"
"C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2896
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000008d8
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe"
"C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" --type=collab-renderer --proc=6112
"C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Windows\SYSTEM32\WISPTIS.EXE" /ManualLaunch;
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe"
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Motive\McciCMService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe" -s
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.0.467698570\823287590" -parentBuildID 20200117190643 -prefsHandle 1128 -prefMapHandle 1120 -prefsLen 1 -prefMapSize 373545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 1200 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.1.2136694599\269306082" -childID 1 -isForBrowser -prefsHandle 1784 -prefMapHandle 1780 -prefsLen 158 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 1796 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.13.1863095051\1588592983" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2960 -prefsLen 6310 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 2976 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.20.823452763\88267010" -childID 3 -isForBrowser -prefsHandle 3252 -prefMapHandle 3248 -prefsLen 6310 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 3264 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.27.1764166444\2038677044" -childID 4 -isForBrowser -prefsHandle 3992 -prefMapHandle 2492 -prefsLen 7042 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 4068 tab
"C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe" /verysilent /nostart /norestart /suppressmsgboxes
"C:\Windows\TEMP\is-RK7BP.tmp\avira_speedup_setup_update.tmp" /SL5="$150102,27181987,257024,C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe" /verysilent /nostart /norestart /suppressmsgboxes
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.41.288802791\381542651" -childID 6 -isForBrowser -prefsHandle 1680 -prefMapHandle 776 -prefsLen 7089 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 3828 tab
"C:\Users\jakub\Desktop\RSITx64(1).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
wmiadap.exe /F /T /R
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000Core.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000UA.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\EPSON L365 Series Update {AE4F56D3-2240-448A-A7B8-AAEC33E384DF}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE /EXE:"{AE4F56D3-2240-448A-A7B8-AAEC33E384DF}" /F:"Update"
=========Mozilla firefox=========
ProfilePath - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "resource://firefox-at-usepanda-dot-com/data/index.html"
"web2pdfextension.17@acrobat.adobe.com"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.321 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.321 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\extensions\
staged
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13 210632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-01-13 993152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-01-13 694872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19 141496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-11-19 24552064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2019-01-22 2410968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2019-11-19 24552064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2019-11-19 24552064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Discord]
C:\Users\jakub\AppData\Local\Discord\app-0.0.301\Discord.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EpicGamesLauncher]
C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2020-01-30 36098448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GalaxyClient]
C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [2019-05-06 7606344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-12-11 563416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jakub^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe [2020-01-23 6261760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KNet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Program Files (x86)\System Explorer\SystemExplorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-02-02 13:57:31 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2020-02-02 13:57:13 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2020-02-01 18:04:55 ----D---- C:\Program Files (x86)\HD Tune
2020-02-01 14:38:43 ----D---- C:\Users\jakub\AppData\Roaming\wtablet
2020-02-01 14:32:14 ----D---- C:\Program Files\TabletPlugins
2020-02-01 14:31:55 ----A---- C:\Windows\system32\drivers\wacomrouterfilter.sys
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\wdfcoinstaller01009.dll
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\wachidrouter.sys
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\hidkmdf.sys
2020-01-28 10:10:13 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2020-01-23 11:28:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2020-01-08 11:21:06 ----A---- C:\Windows\system32\drivers\phantomtap.sys
======List of files/folders modified in the last 1 month======
2020-02-02 14:01:09 ----D---- C:\Windows\Temp
2020-02-02 14:01:07 ----D---- C:\Program Files\trend micro
2020-02-02 13:59:28 ----D---- C:\Windows
2020-02-02 13:57:32 ----D---- C:\Windows\system32\drivers
2020-02-02 13:56:52 ----D---- C:\ProgramData\NVIDIA
2020-02-02 13:55:36 ----D---- C:\Windows\system32\config
2020-02-02 10:19:03 ----D---- C:\Windows\System32
2020-02-02 10:19:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-02-02 10:19:00 ----D---- C:\Windows\inf
2020-02-02 04:02:51 ----D---- C:\Program Files (x86)\Steam
2020-02-02 01:37:00 ----D---- C:\Windows\SYSWOW64\Macromed
2020-02-02 01:31:03 ----D---- C:\Users\jakub\AppData\Roaming\obs-studio
2020-02-01 18:04:55 ----RD---- C:\Program Files (x86)
2020-02-01 16:56:09 ----D---- C:\Windows\system32\Tasks
2020-02-01 15:40:22 ----D---- C:\rsit
2020-02-01 14:32:16 ----D---- C:\Program Files (x86)\TabletPlugins
2020-02-01 14:32:14 ----RD---- C:\Program Files
2020-02-01 14:32:02 ----D---- C:\Windows\system32\DriverStore
2020-02-01 14:31:55 ----D---- C:\Program Files\Tablet
2020-02-01 14:31:30 ----D---- C:\Windows\SysWOW64
2020-01-31 13:38:27 ----SHD---- C:\System Volume Information
2020-01-31 13:22:29 ----D---- C:\Program Files\Defraggler
2020-01-31 12:56:23 ----D---- C:\Windows\system32\LogFiles
2020-01-31 12:34:54 ----D---- C:\Users\jakub\AppData\Roaming\com.madebysource.subtlepatterns
2020-01-31 12:34:53 ----D---- C:\Users\jakub\AppData\Roaming\subtlepatterns.com
2020-01-31 11:56:17 ----D---- C:\Windows\system32\catroot2
2020-01-31 11:51:47 ----D---- C:\Users\jakub\AppData\Roaming\Stardock
2020-01-31 11:51:46 ----D---- C:\ProgramData\NVIDIA Corporation
2020-01-31 11:51:43 ----SHD---- C:\Windows\Installer
2020-01-31 11:51:42 ----D---- C:\Windows\Panther
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\slobs-client
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\Kopsik
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\FEZ
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\ActiveDossierUploader
2020-01-31 11:51:35 ----D---- C:\Windows\system32\Msdtc
2020-01-31 11:51:35 ----D---- C:\Program Files\WOT replay analyser
2020-01-31 11:51:35 ----D---- C:\Program Files (x86)\Origin
2020-01-31 11:51:35 ----D---- C:\Program Files (x86)\FontForgeBuilds
2020-01-31 11:51:33 ----D---- C:\Windows\Logs
2020-01-31 11:51:33 ----D---- C:\Temp
2020-01-31 11:51:32 ----D---- C:\Users\jakub\AppData\Roaming\Skype
2020-01-31 11:51:30 ----D---- C:\Users\jakub\AppData\Roaming\discord
2020-01-31 11:51:29 ----D---- C:\Windows\Downloaded Program Files
2020-01-31 11:51:23 ----D---- C:\ProgramData\EA Logs
2020-01-31 11:50:39 ----D---- C:\Windows\Help
2020-01-31 11:50:32 ----D---- C:\Windows\SYSWOW64\LogFiles
2020-01-30 15:57:09 ----D---- C:\Users\jakub\AppData\Roaming\Surviving Mars
2020-01-30 12:03:18 ----D---- C:\Program Files (x86)\Battle.net
2020-01-30 10:12:54 ----D---- C:\Program Files\LibreOffice
2020-01-30 10:12:48 ----SHD---- C:\Config.Msi
2020-01-30 09:46:28 ----RSD---- C:\Windows\Fonts
2020-01-29 21:52:24 ----D---- C:\Users\jakub\AppData\Roaming\The Witness
2020-01-29 09:46:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-28 15:17:04 ----D---- C:\Windows\winsxs
2020-01-28 14:22:40 ----D---- C:\ProgramData\Avira
2020-01-28 14:22:40 ----D---- C:\Program Files (x86)\Avira
2020-01-28 14:20:33 ----D---- C:\Windows\Microsoft.NET
2020-01-28 14:09:51 ----D---- C:\ProgramData\Package Cache
2020-01-26 10:26:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-01-26 10:26:02 ----D---- C:\Program Files (x86)\Microsoft Office
2020-01-23 10:42:05 ----D---- C:\Users\jakub\AppData\Roaming\Dropbox
2020-01-23 00:54:52 ----D---- C:\Users\jakub\AppData\Roaming\vlc
2020-01-21 19:48:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2020-01-21 19:48:05 ----D---- C:\Windows\system32\Macromed
2020-01-16 19:20:18 ----D---- C:\Windows\debug
2020-01-15 18:42:22 ----D---- C:\Users\jakub\AppData\Roaming\Thunderbird
2020-01-15 10:42:09 ----D---- C:\Windows\system32\MRT
2020-01-15 10:37:15 ----AC---- C:\Windows\system32\MRT.exe
2020-01-15 10:35:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2020-01-03 21:01:31 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2019-06-15 68152]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2019-10-06 175808]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2019-02-26 36072]
R1 CPEPMon;CPEPMon; C:\Windows\system32\DRIVERS\CPEPMon.sys [2019-11-05 110880]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 epnetflt;Endpoint Security Network Filter Driver; \??\C:\Windows\system32\drivers\epnetflt.sys [2019-10-06 130336]
R1 epregflt;Endpoint Security Registry Filter Driver; \??\C:\Windows\system32\drivers\epregflt.sys [2019-05-01 132176]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2017-04-13 461240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2019-12-27 222888]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-07-13 78600]
R2 cpbak;cpbak; C:\Windows\system32\DRIVERS\cpbak.sys [2019-11-05 66848]
R2 ISWKL;ISWKL; \??\C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [2019-08-12 65264]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2020-02-02 214496]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-08-06 14136]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2020-02-02 248968]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-12-07 228792]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-10-01 74576]
R3 phantomtap;Phantom TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\phantomtap.sys [2020-01-08 35664]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2014-08-06 102200]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2014-08-06 15160]
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys []
S3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys []
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-10-08 3147344]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-10-08 2914896]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2019-12-27 484768]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2019-12-27 484768]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2020-01-15 617520]
R2 AviraOptimizerHost;Avira Optimizer Host; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2020-01-08 2989536]
R2 AviraPhantomVPN;Avira Phantom VPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2020-01-08 379624]
R2 AviraSecurity;Avira Security; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [2020-01-22 240408]
R2 AviraUpdaterService;Avira Updater Service; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2019-12-23 150648]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-01-07 11164232]
R2 CPEFR;Check Point Endpoint EFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2019-11-27 2825976]
R2 CpSbaCipolla;Check Point Sandblast Agent Cipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [2019-10-29 33016]
R2 CpSbaUpdater;Check Point Sandblast Agent Updater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [2019-10-29 33016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2019-12-28 6960640]
R2 McciCMService;McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-12-07 860608]
R2 RemediationService;Check Point Endpoint Remediation; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [2019-11-04 18168]
R2 TESvc;Check Point SandBlast Agent Threat Emulation; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [2019-11-04 301304]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2018-05-18 4292984]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2019-12-27 1210168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-08-19 154920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-01-21 335416]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-01-26 803456]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2019-05-06 791112]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2019-05-06 7172680]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe [2020-01-16 1113072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-08-19 154920]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-04-25 116224]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-01-23 244936]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-11-10 2123104]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 214832]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-01-06 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-01-18 1756624]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-30 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2020-01-21 574848]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-11-10 3002728]
S4 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2019-12-30 66872]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
-----------------EOF-----------------
Run by jakub at 2020-02-02 14:01:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (18%) free of 153 GB
Total RAM: 16351 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:10, on 2.2.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19355)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Program Files\trend micro\jakub.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: Check Point Endpoint EFR (CPEFR) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
O23 - Service: Check Point Sandblast Agent Cipolla (CpSbaCipolla) - Unknown owner - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service: Check Point Sandblast Agent Updater (CpSbaUpdater) - Unknown owner - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Check Point Endpoint Remediation (RemediationService) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: Check Point SandBlast Agent Threat Emulation (TESvc) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ZoneAlarm ICM NET Service (ZA NET ICM Service) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
O23 - Service: ZAAR Update Service (ZAARUpdateService) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 14334 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
taskeng.exe {413CF4E9-36E3-422B-8803-E80AD4C13736}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe"
"C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe"
"C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTimeOptimizer.exe" -norestore
\??\C:\Windows\system32\conhost.exe "-1423984307-137106099620978780291345860096-830971481-184752854117460221331319620575
"C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe"
"C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2896
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000008d8
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe"
"C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" --type=collab-renderer --proc=6112
"C:\Program Files\Mad Catz\RAT6\RAT6_Profiler.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Windows\SYSTEM32\WISPTIS.EXE" /ManualLaunch;
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe"
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Common Files\Motive\McciCMService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe" -s
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe"
"C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.0.467698570\823287590" -parentBuildID 20200117190643 -prefsHandle 1128 -prefMapHandle 1120 -prefsLen 1 -prefMapSize 373545 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 1200 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.1.2136694599\269306082" -childID 1 -isForBrowser -prefsHandle 1784 -prefMapHandle 1780 -prefsLen 158 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 1796 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.13.1863095051\1588592983" -childID 2 -isForBrowser -prefsHandle 2964 -prefMapHandle 2960 -prefsLen 6310 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 2976 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.20.823452763\88267010" -childID 3 -isForBrowser -prefsHandle 3252 -prefMapHandle 3248 -prefsLen 6310 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 3264 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.27.1764166444\2038677044" -childID 4 -isForBrowser -prefsHandle 3992 -prefMapHandle 2492 -prefsLen 7042 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 4068 tab
"C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe" /verysilent /nostart /norestart /suppressmsgboxes
"C:\Windows\TEMP\is-RK7BP.tmp\avira_speedup_setup_update.tmp" /SL5="$150102,27181987,257024,C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe" /verysilent /nostart /norestart /suppressmsgboxes
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7060.41.288802791\381542651" -childID 6 -isForBrowser -prefsHandle 1680 -prefMapHandle 776 -prefsLen 7089 -prefMapSize 373545 -parentBuildID 20200117190643 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 7060 "\\.\pipe\gecko-crash-server-pipe.7060" 3828 tab
"C:\Users\jakub\Desktop\RSITx64(1).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
wmiadap.exe /F /T /R
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000Core.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3719608471-1457720249-86965872-1000UA.job - C:\Users\jakub\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\EPSON L365 Series Update {AE4F56D3-2240-448A-A7B8-AAEC33E384DF}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNYE.EXE /EXE:"{AE4F56D3-2240-448A-A7B8-AAEC33E384DF}" /F:"Update"
=========Mozilla firefox=========
ProfilePath - C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "resource://firefox-at-usepanda-dot-com/data/index.html"
"web2pdfextension.17@acrobat.adobe.com"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.321 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.321 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
C:\Users\jakub\AppData\Roaming\Mozilla\Firefox\Profiles\nlhpu5mp.default\extensions\
staged
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13 210632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23 571968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-01-13 993152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23 235584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19 171704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19 141496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-01-13 694872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19 141496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-11-19 24552064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2019-01-22 2410968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2019-11-19 24552064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Smart Cleaning]
C:\Program Files\CCleaner\CCleaner64.exe [2019-11-19 24552064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Discord]
C:\Users\jakub\AppData\Local\Discord\app-0.0.301\Discord.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EpicGamesLauncher]
C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2020-01-30 36098448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GalaxyClient]
C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [2019-05-06 7606344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-12-11 563416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jakub^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe [2020-01-23 6261760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KNet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Program Files (x86)\System Explorer\SystemExplorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-02-02 13:57:31 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2020-02-02 13:57:13 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2020-02-01 18:04:55 ----D---- C:\Program Files (x86)\HD Tune
2020-02-01 14:38:43 ----D---- C:\Users\jakub\AppData\Roaming\wtablet
2020-02-01 14:32:14 ----D---- C:\Program Files\TabletPlugins
2020-02-01 14:31:55 ----A---- C:\Windows\system32\drivers\wacomrouterfilter.sys
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\wdfcoinstaller01009.dll
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\wachidrouter.sys
2020-02-01 14:31:47 ----A---- C:\Windows\system32\drivers\hidkmdf.sys
2020-01-28 10:10:13 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2020-01-23 11:28:23 ----D---- C:\Program Files (x86)\Mozilla Firefox
2020-01-08 11:21:06 ----A---- C:\Windows\system32\drivers\phantomtap.sys
======List of files/folders modified in the last 1 month======
2020-02-02 14:01:09 ----D---- C:\Windows\Temp
2020-02-02 14:01:07 ----D---- C:\Program Files\trend micro
2020-02-02 13:59:28 ----D---- C:\Windows
2020-02-02 13:57:32 ----D---- C:\Windows\system32\drivers
2020-02-02 13:56:52 ----D---- C:\ProgramData\NVIDIA
2020-02-02 13:55:36 ----D---- C:\Windows\system32\config
2020-02-02 10:19:03 ----D---- C:\Windows\System32
2020-02-02 10:19:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-02-02 10:19:00 ----D---- C:\Windows\inf
2020-02-02 04:02:51 ----D---- C:\Program Files (x86)\Steam
2020-02-02 01:37:00 ----D---- C:\Windows\SYSWOW64\Macromed
2020-02-02 01:31:03 ----D---- C:\Users\jakub\AppData\Roaming\obs-studio
2020-02-01 18:04:55 ----RD---- C:\Program Files (x86)
2020-02-01 16:56:09 ----D---- C:\Windows\system32\Tasks
2020-02-01 15:40:22 ----D---- C:\rsit
2020-02-01 14:32:16 ----D---- C:\Program Files (x86)\TabletPlugins
2020-02-01 14:32:14 ----RD---- C:\Program Files
2020-02-01 14:32:02 ----D---- C:\Windows\system32\DriverStore
2020-02-01 14:31:55 ----D---- C:\Program Files\Tablet
2020-02-01 14:31:30 ----D---- C:\Windows\SysWOW64
2020-01-31 13:38:27 ----SHD---- C:\System Volume Information
2020-01-31 13:22:29 ----D---- C:\Program Files\Defraggler
2020-01-31 12:56:23 ----D---- C:\Windows\system32\LogFiles
2020-01-31 12:34:54 ----D---- C:\Users\jakub\AppData\Roaming\com.madebysource.subtlepatterns
2020-01-31 12:34:53 ----D---- C:\Users\jakub\AppData\Roaming\subtlepatterns.com
2020-01-31 11:56:17 ----D---- C:\Windows\system32\catroot2
2020-01-31 11:51:47 ----D---- C:\Users\jakub\AppData\Roaming\Stardock
2020-01-31 11:51:46 ----D---- C:\ProgramData\NVIDIA Corporation
2020-01-31 11:51:43 ----SHD---- C:\Windows\Installer
2020-01-31 11:51:42 ----D---- C:\Windows\Panther
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\slobs-client
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\Kopsik
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\FEZ
2020-01-31 11:51:42 ----D---- C:\Users\jakub\AppData\Roaming\ActiveDossierUploader
2020-01-31 11:51:35 ----D---- C:\Windows\system32\Msdtc
2020-01-31 11:51:35 ----D---- C:\Program Files\WOT replay analyser
2020-01-31 11:51:35 ----D---- C:\Program Files (x86)\Origin
2020-01-31 11:51:35 ----D---- C:\Program Files (x86)\FontForgeBuilds
2020-01-31 11:51:33 ----D---- C:\Windows\Logs
2020-01-31 11:51:33 ----D---- C:\Temp
2020-01-31 11:51:32 ----D---- C:\Users\jakub\AppData\Roaming\Skype
2020-01-31 11:51:30 ----D---- C:\Users\jakub\AppData\Roaming\discord
2020-01-31 11:51:29 ----D---- C:\Windows\Downloaded Program Files
2020-01-31 11:51:23 ----D---- C:\ProgramData\EA Logs
2020-01-31 11:50:39 ----D---- C:\Windows\Help
2020-01-31 11:50:32 ----D---- C:\Windows\SYSWOW64\LogFiles
2020-01-30 15:57:09 ----D---- C:\Users\jakub\AppData\Roaming\Surviving Mars
2020-01-30 12:03:18 ----D---- C:\Program Files (x86)\Battle.net
2020-01-30 10:12:54 ----D---- C:\Program Files\LibreOffice
2020-01-30 10:12:48 ----SHD---- C:\Config.Msi
2020-01-30 09:46:28 ----RSD---- C:\Windows\Fonts
2020-01-29 21:52:24 ----D---- C:\Users\jakub\AppData\Roaming\The Witness
2020-01-29 09:46:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-28 15:17:04 ----D---- C:\Windows\winsxs
2020-01-28 14:22:40 ----D---- C:\ProgramData\Avira
2020-01-28 14:22:40 ----D---- C:\Program Files (x86)\Avira
2020-01-28 14:20:33 ----D---- C:\Windows\Microsoft.NET
2020-01-28 14:09:51 ----D---- C:\ProgramData\Package Cache
2020-01-26 10:26:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-01-26 10:26:02 ----D---- C:\Program Files (x86)\Microsoft Office
2020-01-23 10:42:05 ----D---- C:\Users\jakub\AppData\Roaming\Dropbox
2020-01-23 00:54:52 ----D---- C:\Users\jakub\AppData\Roaming\vlc
2020-01-21 19:48:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2020-01-21 19:48:05 ----D---- C:\Windows\system32\Macromed
2020-01-16 19:20:18 ----D---- C:\Windows\debug
2020-01-15 18:42:22 ----D---- C:\Users\jakub\AppData\Roaming\Thunderbird
2020-01-15 10:42:09 ----D---- C:\Windows\system32\MRT
2020-01-15 10:37:15 ----AC---- C:\Windows\system32\MRT.exe
2020-01-15 10:35:41 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2020-01-03 21:01:31 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2019-06-15 68152]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2019-10-06 175808]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2019-02-26 36072]
R1 CPEPMon;CPEPMon; C:\Windows\system32\DRIVERS\CPEPMon.sys [2019-11-05 110880]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 epnetflt;Endpoint Security Network Filter Driver; \??\C:\Windows\system32\drivers\epnetflt.sys [2019-10-06 130336]
R1 epregflt;Endpoint Security Registry Filter Driver; \??\C:\Windows\system32\drivers\epregflt.sys [2019-05-01 132176]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2017-04-13 461240]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2019-12-27 222888]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-07-13 78600]
R2 cpbak;cpbak; C:\Windows\system32\DRIVERS\cpbak.sys [2019-11-05 66848]
R2 ISWKL;ISWKL; \??\C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [2019-08-12 65264]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2020-02-02 214496]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-08-06 14136]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2020-02-02 248968]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-12-07 228792]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-10-01 74576]
R3 phantomtap;Phantom TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\phantomtap.sys [2020-01-08 35664]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2014-08-06 102200]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2014-08-06 15160]
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2009-02-17 17792]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys []
S3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys []
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-10-08 3147344]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-10-08 2914896]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2019-12-27 484768]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2019-12-27 484768]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2020-01-15 617520]
R2 AviraOptimizerHost;Avira Optimizer Host; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2020-01-08 2989536]
R2 AviraPhantomVPN;Avira Phantom VPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2020-01-08 379624]
R2 AviraSecurity;Avira Security; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [2020-01-22 240408]
R2 AviraUpdaterService;Avira Updater Service; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2019-12-23 150648]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-01-07 11164232]
R2 CPEFR;Check Point Endpoint EFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2019-11-27 2825976]
R2 CpSbaCipolla;Check Point Sandblast Agent Cipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [2019-10-29 33016]
R2 CpSbaUpdater;Check Point Sandblast Agent Updater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [2019-10-29 33016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2019-12-28 6960640]
R2 McciCMService;McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-12-07 860608]
R2 RemediationService;Check Point Endpoint Remediation; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [2019-11-04 18168]
R2 TESvc;Check Point SandBlast Agent Threat Emulation; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [2019-11-04 301304]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2018-05-18 4292984]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2019-12-27 1210168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-08-19 154920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-01-21 335416]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2020-01-26 803456]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2019-05-06 791112]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2019-05-06 7172680]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe [2020-01-16 1113072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-08-19 154920]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-04-25 116224]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-01-23 244936]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-11-10 2123104]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 214832]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-01-06 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-01-18 1756624]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2012-11-25 821720]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-30 1255736]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2020-01-21 574848]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-10-01 139264]
S4 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-11-10 3002728]
S4 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2019-12-30 66872]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola Rsit logu, laguje počítač
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kontrola Rsit logu, laguje počítač
Zdravím, bohužel nepomohlo. Mám podezření na hardware, pravděpodobně zdroj.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola Rsit logu, laguje počítač
O zdroji pochybuji, to by PC padal, nebo nešel spustit. Udělejte sken CrystalDiskInfo: https://www.instaluj.cz/crystaldiskinfo a přes Úpravy>Kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kontrola Rsit logu, laguje počítač
Zdroj začal totiž vrčet, myslel jsem, že odchází větráček, ale mám podezření, že odchází celej. Disky by měli být snad v pořádku. Ještě jedna věc – před měsícem mi jeden HD odešel a nevím jestli v registrech nezůstal bordel po nainstalovanejch hrách, co na něm byli, i když jsem zkoušel pročistit CCleanerem.
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2020/02/02 18:11:32
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) Desktop/Workstation/Server Express Chipset SATA AHCI Controller [ATA]
- WDC WD20EARX-00PASB0
- INTEL SSDSA2BW160G3H
- HL-DT-ST DVDRAM GH22NS40
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device
-- Disk List ---------------------------------------------------------------
(1) WDC WD20EARX-00PASB0 : 2000,3 GB [0/0/0, pd1] - wd
(2) INTEL SSDSA2BW160G3H : 160,0 GB [1/0/1, pd1] - il
----------------------------------------------------------------------------
(1) WDC WD20EARX-00PASB0
----------------------------------------------------------------------------
Model : WDC WD20EARX-00PASB0
Firmware : 51.0AB51
Serial Number : WD-WMAZA7301336
Disk Size : 2000,3 GB (8,4/137,4/2000,3/2000,3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 25860 hod.
Power On Count : 2520 krát
Temperature : 30 C (86 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : E: F:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 166 163 _21 000000001A13 Čas na roztočení ploten
04 _92 _92 __0 00000000227D Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _65 _65 __0 000000006504 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 0000000009D8 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000104 Počet vypnutí disku
C1 _45 _45 __0 0000000719AD Počet cyklů načítání/vymazání
C2 120 _99 __0 00000000001E Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4137 3330 3133 3336
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3230 4541 5258 2D30 3050 4153 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0006 0044 0044
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 407F 00CC
090: 00CC 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 0000 6003 0000 5001 4EE2
110: 5C1C 740A 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 6EA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 A6 A3 13 1A 00 00 00 00 00 04 32 00 5C 5C 7D
020: 22 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 41 41 04 65 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 D8 09 00 00 00 00 00 C0 32
070: 00 C8 C8 04 01 00 00 00 00 00 C1 32 00 2D 2D AD
080: 19 07 00 00 00 00 C2 22 00 78 63 1E 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 18 9C 01 7B
170: 03 00 01 00 02 FF 05 81 01 00 00 00 00 00 00 00
180: 00 00 01 06 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 25
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 C8 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 C8 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 C8 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AD
----------------------------------------------------------------------------
(2) INTEL SSDSA2BW160G3H
----------------------------------------------------------------------------
Model : INTEL SSDSA2BW160G3H
Firmware : 4PC10365
Serial Number : CVPR140405ET160DGN
Disk Size : 160,0 GB (8,4/137,4/160,0/160,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : ---- | SATA/300
Power On Hours : 2995 hod.
Power On Count : 3216 krát
Host Reads : 31753 GB
Host Writes : 55986 GB
Temperature : Neznámy údaj
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM
APM Level : ----
AAM Level : ----
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 100 100 __0 000000000000 Čas na roztočení ploten
04 100 100 __0 000000000000 Počet spuštění/zastavení
05 100 100 __0 000000000000 Počet přemapovaných sektorů
09 100 100 __0 000000000BB3 Zapnuto hodin
0C 100 100 __0 000000000C90 Počet cyklů zapnutí zařízení
AA 100 100 _10 000000000000 Available Reserved Space
AB 100 100 __0 000000000000 Program Fail Count
AC 100 100 __0 000000000000 Erase Fail Count
B7 100 100 _10 000000000309 SATA Downshift Count
B8 100 100 _97 000000000000 End to End Error Detection Count
BB 100 100 __0 000000000000 Uncorrectable Error Count
C0 100 100 __0 000000000044 Unsafe Shutdown Count
C7 100 100 __0 00000000001D CRC Error Count
E1 100 100 __0 0000001B5646 Host Writes
E2 100 100 __0 00000000FFFF Timed Workload Media Wear
E3 100 100 __0 00000000FFFF Timed Workload Host Read/Write Ratio
E4 100 100 __0 00000000FFFF Timed Workload Timer
E8 100 100 _10 000000000000 Dostupný vyhrazený prostor
E9 _93 _93 __0 000000000000 Mediální indikátor poruch
F1 100 100 __0 0000001B5646 Total LBAs Written
F2 100 100 __0 0000000F8123 Total LBAs Read
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 4356 5052 3134 3034 3035 4554 3136 3044 474E 2020
020: 0000 0000 0000 3450 4331 3033 3635 494E 5445 4C20
030: 5353 4453 4132 4257 3136 3047 3348 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4020
070: 0000 0000 0000 0000 0000 001F 0506 0000 0048 0048
080: 01FC 0029 706B 7C01 4123 7069 BC01 4123 407F 0001
090: 0001 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0008 4000 0000 5001 5179
110: 596E A742 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0001
130: 1770 0BB7 1770 1770 1770 0BB7 0FA0 0FA0 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 9DA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 05 00 03 20 00 64 64 00 00 00 00 00 00 00 04 30
010: 00 64 64 00 00 00 00 00 00 00 05 32 00 64 64 00
020: 00 00 00 00 00 00 09 32 00 64 64 B3 0B 00 00 00
030: 00 00 0C 32 00 64 64 90 0C 00 00 00 00 00 AA 33
040: 00 64 64 00 00 00 00 00 00 00 AB 32 00 64 64 00
050: 00 00 00 00 00 00 AC 32 00 64 64 00 00 00 00 00
060: 00 00 B7 32 00 64 64 09 03 00 00 00 00 00 B8 33
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 C0 32 00 64 64 44 00 00 00 00
090: 00 00 C7 36 00 64 64 1D 00 00 00 00 00 00 E1 32
0A0: 00 64 64 46 56 1B 00 00 00 00 E2 32 00 64 64 FF
0B0: FF 00 00 00 00 00 E3 32 00 64 64 FF FF 00 00 00
0C0: 00 00 E4 32 00 64 64 FF FF 00 00 00 00 00 E8 33
0D0: 00 64 64 00 00 00 00 00 00 00 E9 32 00 5D 5D 00
0E0: 00 00 00 00 00 00 F1 32 00 64 64 46 56 1B 00 00
0F0: 00 00 F2 32 00 64 64 23 81 0F 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 75
170: 03 00 01 00 01 16 01 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 05 00 03 00 00 00 00 00 00 00 00 00 00 00 04 00
010: 00 00 00 00 00 00 00 00 00 00 05 00 00 00 00 00
020: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
030: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 AA 0A
040: 00 00 00 00 00 00 00 00 00 00 AB 00 00 00 00 00
050: 00 00 00 00 00 00 AC 00 00 00 00 00 00 00 00 00
060: 00 00 B7 0A 00 00 00 00 00 00 00 00 00 00 B8 61
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 E1 00
0A0: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
0B0: 00 00 00 00 00 00 E3 00 00 00 00 00 00 00 00 00
0C0: 00 00 E4 00 00 00 00 00 00 00 00 00 00 00 E8 0A
0D0: 00 00 00 00 00 00 00 00 00 00 E9 00 00 00 00 00
0E0: 00 00 00 00 00 00 F1 00 00 00 00 00 00 00 00 00
0F0: 00 00 F2 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6B
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2020/02/02 18:11:32
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) Desktop/Workstation/Server Express Chipset SATA AHCI Controller [ATA]
- WDC WD20EARX-00PASB0
- INTEL SSDSA2BW160G3H
- HL-DT-ST DVDRAM GH22NS40
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device
-- Disk List ---------------------------------------------------------------
(1) WDC WD20EARX-00PASB0 : 2000,3 GB [0/0/0, pd1] - wd
(2) INTEL SSDSA2BW160G3H : 160,0 GB [1/0/1, pd1] - il
----------------------------------------------------------------------------
(1) WDC WD20EARX-00PASB0
----------------------------------------------------------------------------
Model : WDC WD20EARX-00PASB0
Firmware : 51.0AB51
Serial Number : WD-WMAZA7301336
Disk Size : 2000,3 GB (8,4/137,4/2000,3/2000,3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 25860 hod.
Power On Count : 2520 krát
Temperature : 30 C (86 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : E: F:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 166 163 _21 000000001A13 Čas na roztočení ploten
04 _92 _92 __0 00000000227D Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _65 _65 __0 000000006504 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 0000000009D8 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000104 Počet vypnutí disku
C1 _45 _45 __0 0000000719AD Počet cyklů načítání/vymazání
C2 120 _99 __0 00000000001E Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 415A 4137 3330 3133 3336
020: 0000 0000 0032 3531 2E30 4142 3531 5744 4320 5744
030: 3230 4541 5258 2D30 3050 4153 4230 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0006 0044 0044
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 407F 00CC
090: 00CC 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 0000 6003 0000 5001 4EE2
110: 5C1C 740A 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 6EA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 A6 A3 13 1A 00 00 00 00 00 04 32 00 5C 5C 7D
020: 22 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 41 41 04 65 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 D8 09 00 00 00 00 00 C0 32
070: 00 C8 C8 04 01 00 00 00 00 00 C1 32 00 2D 2D AD
080: 19 07 00 00 00 00 C2 22 00 78 63 1E 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 18 9C 01 7B
170: 03 00 01 00 02 FF 05 81 01 00 00 00 00 00 00 00
180: 00 00 01 06 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 25
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 C8 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 C8 C8 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 C8 C8 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AD
----------------------------------------------------------------------------
(2) INTEL SSDSA2BW160G3H
----------------------------------------------------------------------------
Model : INTEL SSDSA2BW160G3H
Firmware : 4PC10365
Serial Number : CVPR140405ET160DGN
Disk Size : 160,0 GB (8,4/137,4/160,0/160,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : ---- | SATA/300
Power On Hours : 2995 hod.
Power On Count : 3216 krát
Host Reads : 31753 GB
Host Writes : 55986 GB
Temperature : Neznámy údaj
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM
APM Level : ----
AAM Level : ----
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 100 100 __0 000000000000 Čas na roztočení ploten
04 100 100 __0 000000000000 Počet spuštění/zastavení
05 100 100 __0 000000000000 Počet přemapovaných sektorů
09 100 100 __0 000000000BB3 Zapnuto hodin
0C 100 100 __0 000000000C90 Počet cyklů zapnutí zařízení
AA 100 100 _10 000000000000 Available Reserved Space
AB 100 100 __0 000000000000 Program Fail Count
AC 100 100 __0 000000000000 Erase Fail Count
B7 100 100 _10 000000000309 SATA Downshift Count
B8 100 100 _97 000000000000 End to End Error Detection Count
BB 100 100 __0 000000000000 Uncorrectable Error Count
C0 100 100 __0 000000000044 Unsafe Shutdown Count
C7 100 100 __0 00000000001D CRC Error Count
E1 100 100 __0 0000001B5646 Host Writes
E2 100 100 __0 00000000FFFF Timed Workload Media Wear
E3 100 100 __0 00000000FFFF Timed Workload Host Read/Write Ratio
E4 100 100 __0 00000000FFFF Timed Workload Timer
E8 100 100 _10 000000000000 Dostupný vyhrazený prostor
E9 _93 _93 __0 000000000000 Mediální indikátor poruch
F1 100 100 __0 0000001B5646 Total LBAs Written
F2 100 100 __0 0000000F8123 Total LBAs Read
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 4356 5052 3134 3034 3035 4554 3136 3044 474E 2020
020: 0000 0000 0000 3450 4331 3033 3635 494E 5445 4C20
030: 5353 4453 4132 4257 3136 3047 3348 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4020
070: 0000 0000 0000 0000 0000 001F 0506 0000 0048 0048
080: 01FC 0029 706B 7C01 4123 7069 BC01 4123 407F 0001
090: 0001 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0008 4000 0000 5001 5179
110: 596E A742 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0001
130: 1770 0BB7 1770 1770 1770 0BB7 0FA0 0FA0 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 9DA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 05 00 03 20 00 64 64 00 00 00 00 00 00 00 04 30
010: 00 64 64 00 00 00 00 00 00 00 05 32 00 64 64 00
020: 00 00 00 00 00 00 09 32 00 64 64 B3 0B 00 00 00
030: 00 00 0C 32 00 64 64 90 0C 00 00 00 00 00 AA 33
040: 00 64 64 00 00 00 00 00 00 00 AB 32 00 64 64 00
050: 00 00 00 00 00 00 AC 32 00 64 64 00 00 00 00 00
060: 00 00 B7 32 00 64 64 09 03 00 00 00 00 00 B8 33
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 C0 32 00 64 64 44 00 00 00 00
090: 00 00 C7 36 00 64 64 1D 00 00 00 00 00 00 E1 32
0A0: 00 64 64 46 56 1B 00 00 00 00 E2 32 00 64 64 FF
0B0: FF 00 00 00 00 00 E3 32 00 64 64 FF FF 00 00 00
0C0: 00 00 E4 32 00 64 64 FF FF 00 00 00 00 00 E8 33
0D0: 00 64 64 00 00 00 00 00 00 00 E9 32 00 5D 5D 00
0E0: 00 00 00 00 00 00 F1 32 00 64 64 46 56 1B 00 00
0F0: 00 00 F2 32 00 64 64 23 81 0F 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 75
170: 03 00 01 00 01 16 01 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 05 00 03 00 00 00 00 00 00 00 00 00 00 00 04 00
010: 00 00 00 00 00 00 00 00 00 00 05 00 00 00 00 00
020: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
030: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 AA 0A
040: 00 00 00 00 00 00 00 00 00 00 AB 00 00 00 00 00
050: 00 00 00 00 00 00 AC 00 00 00 00 00 00 00 00 00
060: 00 00 B7 0A 00 00 00 00 00 00 00 00 00 00 B8 61
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 E1 00
0A0: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
0B0: 00 00 00 00 00 00 E3 00 00 00 00 00 00 00 00 00
0C0: 00 00 E4 00 00 00 00 00 00 00 00 00 00 00 E8 0A
0D0: 00 00 00 00 00 00 00 00 00 00 E9 00 00 00 00 00
0E0: 00 00 00 00 00 00 F1 00 00 00 00 00 00 00 00 00
0F0: 00 00 F2 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6B
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola Rsit logu, laguje počítač
Disky jsou opravdu v pořádku. Zkuste ještě defragmentovat systémový disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kontrola Rsit logu, laguje počítač
Systém je na SSD. To by se defragmentovat nemělo, co vím. Ale zkoušel jsem jeho optimalizaci pomocí Defraggleru a nepomohlo to. Zítra zkusím jiný zdroj a uvidím, co dál.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola Rsit logu, laguje počítač
OK, nevěděl jsem, na kterém disku máte systém. Zdroj zkusit můžete, ale osobně o úspěchu pochybuji. Ještě můžete defragmentovat registry: https://www.instaluj.cz/winutilities-fr ... try-defrag .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
out_of_space
- Návštěvník
- Příspěvky: 110
- Registrován: 01 srp 2010 19:45
Re: kontrola Rsit logu, laguje počítač
Tak ani defrag registrů ani nový zdroj nepomohly. Tak už nevím.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola Rsit logu, laguje počítač
V tom případě zkuste obnovu systému k datu, kdy korektně fungoval, popř. opravu systému pomocí WindowsRepair: https://stahnu.cz/optimalizace-a-diagno ... ir#prehled . Před případnou opravou doporučuji udělat zálohu dat. Pokud by nepomohlo nic, pak už zbude jen reinstal systému..
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?