Log check - suspicious behaviour

IVIarkI2I
Model visitor
Posts: 38
Registered: 20 Jul 2008 15:56

#1 Post by IVIarkI2I »

Hello,

For quite a while I have suspected that there is some malware on my laptop. The antivirus found nothing, but, for example, Google sometimes makes me fill in a CAPTCHA, and sometimes the computer is really abnormally slow, especially Firefox, which I use. Once the screen even started flickering in a very odd way, so I would like to have it checked properly here :thumbsup:

Thank you for your reply.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Marek at 2017-02-10 22:15:30
Microsoft Windows 10 Home
System drive C: has 35 GB (12%) free of 300 GB
Total RAM: 16300 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:33, on 10.02.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\TimeDoctorLite\timedoctorlite.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe
C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ACDSeeCommanderUltimate9] C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_76888AFBA486CCF068F690F0F6295975] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [TimeDoctorLite] C:\Program Files (x86)\TimeDoctorLite\timedoctorlite.exe -autostarted
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Slack.lnk = C:\Users\Marek\AppData\Local\slack\slack.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files\Microsoft Office\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CCSDK - Lenovo - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @oem122.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2017 64-bit (mi-raysat_3dsmax2017_64) - Unknown owner - E:\3Ds MAX\3ds Max 2017\raysat_3dsmax2017_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - Unknown owner - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14185 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
"dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7f2c7ab5-7a27-4922-b83f-9b92f065d075 -SystemEventPortName:HostProcess-004e946a-f790-4137-a819-e8ee3adb20d1 -IoCancelEventPortName:HostProcess-5d5816a2-8737-467b-8066-d280c60112af -NonStateChangingEventPortName:HostProcess-22d1cd85-e1fc-413b-9c63-fa10546a18a7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f00bdd15-2413-4bd7-a88b-78183b972c3d -DeviceGroupId:
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
dashost.exe {34d7a9db-7203-4f3d-95706f17dfd6364b}
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\ibtsiva
C:\WINDOWS\system32\WLANExt.exe 2529144839040
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADONISCE30\MSSQL\Binn\sqlservr.exe" -sADONISCE30
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"

"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\LenovoUtility\utility.exe"
"C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe"
"C:\Program Files (x86)\TimeDoctorLite\timedoctorlite.exe" -autostarted
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
-a "--startup"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe --reporter-url=https://slack.com/apps/breakpad --application-name=Slack "--crashes-directory=C:\Users\Marek\AppData\Roaming\Slack\temp\Slack Crashes" --v=1
"C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe" --type=renderer --disable-pinch --enable-use-zoom-for-dsf=false --no-sandbox --primordial-pipe-token=DB2A434E2DC6BAFCFA91857EE6322BD2 --lang=sk --standard-schemes=slack-resources,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --node-integration=true --preload="C:\Users\Marek\AppData\Local\slack\app-2.4.1\resources\app.asar\src\static\index.js" --hidden-page --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=545CEF8A5D71918AB6038A4B3AC2407A --mojo-application-channel-token=DB2A434E2DC6BAFCFA91857EE6322BD2 --channel="10656.2.147861050\782532691" --mojo-platform-channel-handle=1812 /prefetch:1
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe" --type=renderer --disable-pinch --enable-use-zoom-for-dsf=false --no-sandbox --primordial-pipe-token=9EF13A6D599EDD71772E65ACBBFD62B2 --lang=sk --standard-schemes=slack-resources,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --node-integration=false --preload="C:\Users\Marek\AppData\Local\slack\app-2.4.1\resources\app.asar\src\static\ssb-interop" --guest-instance-id=1 --enable-blink-features --disable-blink-features --hidden-page --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=D46F4F29641B88AB46000BF5FC887441 --mojo-application-channel-token=9EF13A6D599EDD71772E65ACBBFD62B2 --channel="10656.4.1273071937\1862227624" --mojo-platform-channel-handle=3192 /prefetch:1
"C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe" --type=renderer --disable-pinch --enable-use-zoom-for-dsf=false --no-sandbox --primordial-pipe-token=8CBADD20BF906FF228A05E8EA6E309C7 --lang=sk --standard-schemes=slack-resources,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --node-integration=false --preload="C:\Users\Marek\AppData\Local\slack\app-2.4.1\resources\app.asar\src\static\ssb-interop" --guest-instance-id=2 --enable-blink-features --disable-blink-features --hidden-page --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=3BD4A3A948CB5DBDF8E015FB0A7BF4DE --mojo-application-channel-token=8CBADD20BF906FF228A05E8EA6E309C7 --channel="10656.5.540317408\948895066" --mojo-platform-channel-handle=3284 /prefetch:1
"C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe" --type=renderer --disable-pinch --enable-use-zoom-for-dsf=false --no-sandbox --primordial-pipe-token=74673DB56A41CBCF39511B6AF22D8DC4 --lang=sk --standard-schemes=slack-resources,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --node-integration=false --preload="C:\Users\Marek\AppData\Local\slack\app-2.4.1\resources\app.asar\src\static\ssb-interop" --guest-instance-id=3 --enable-blink-features --disable-blink-features --hidden-page --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=DC21F5934D1C131E2D88E917C5C46D95 --mojo-application-channel-token=74673DB56A41CBCF39511B6AF22D8DC4 --channel="10656.7.1291443165\1562146078" --mojo-platform-channel-handle=4208 /prefetch:1
"C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe" --type=renderer --disable-pinch --enable-use-zoom-for-dsf=false --no-sandbox --primordial-pipe-token=930BB34286FE681133EAF4216953AA49 --lang=sk --standard-schemes=slack-resources,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --node-integration=false --preload="C:\Users\Marek\AppData\Local\slack\app-2.4.1\resources\app.asar\src\static\ssb-interop" --guest-instance-id=4 --enable-blink-features --disable-blink-features --hidden-page --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=A7CC69ADB2F3DDD6752A880F22FB85F1 --mojo-application-channel-token=930BB34286FE681133EAF4216953AA49 --channel="10656.9.1165755714\409937879" --mojo-platform-channel-handle=4172 /prefetch:1
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
C:\WINDOWS\system32\locator.exe
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Users\Marek\AppData\Local\Apps\2.0\0JL3ZTPT.ZP3\C9618YAY.CBO\lsb...tion_2d7b41b05b24775e_0001.0006_6c5982beb50abfca\LSB.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1701.10102.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Marek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=56.0.2924.87 --initial-client-data=0x1c0,0x1c4,0x1c8,0x1bc,0x1cc,0x7ffabe3d1160,0x7ffabe3d1140,0x7ffabe3d1118
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=12360 --on-initialized-event-handle=596 --parent-handle=604 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MetricsReporting<MetricsAndCrashSampling,*NegotiateTLS13<TLS13Negotiation,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup 
--force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20161208_Launch/EnableSyncClientToServerCompression/Default/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Default/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Control/MetricsAndCrashSampling/InReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/SignInPasswordPromo/Enable3/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_21/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-
Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsInterventionV2/Default/ --primordial-pipe-token=B3E99D3F2AF46A946DD11EE35CE96648 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=B3E99D3F2AF46A946DD11EE35CE96648 --renderer-client-id=5 --mojo-platform-channel-handle=2460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,*EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MetricsReporting<MetricsAndCrashSampling,*NegotiateTLS13<TLS13Negotiation,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,*PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MediaFoundationH264Encoding<MediaFoundationH264Encoding,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup 
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/10500"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-cachedir=C:\Users\Marek\AppData\Local\Steam\htmlcache" "-steampid=14548" "-buildid=1484790260" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --primordial-pipe-token=8AE710CB402020A768032C64B6A01EB2 --lang=en-US --lang=en-US --log-file="C:\Users\Marek\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=8AE710CB402020A768032C64B6A01EB2 --mojo-platform-channel-handle=1572 /prefetch:1
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
-name 96ae2a50-662f-477f-8aef-c59655b82bcc -runas -pluginName LenovoAudioPlugin -pluginVersion 1.2.163.0
C:\WINDOWS\system32\cmd.exe /c ""C:/Users/Marek/AppData/Local/Akamai/installer_no_upload_silent.exe" & "C:/Users/Marek/AppData/Local/Akamai/netsession_win.exe""
"C:/Users/Marek/AppData/Local/Akamai/netsession_win.exe"
"C:/Users/Marek/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroTray.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16122.10291.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\Illustrator.exe"
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" "C:\Program Files\Adobe\Adobe Illustrator CC 2017\CEP\extensions\com.adobe.illustrator.OnBoarding\index.html" bc4d7811-7a2a-4731-8040-669c5c126c5f 17176 ILST 21.0.0 com.adobe.illustrator.OnBoarding 1 "C:\Program Files\Adobe\Adobe Illustrator CC 2017\CEP\extensions\com.adobe.illustrator.OnBoarding" "illustrator" 32 e30= en_US 4283650899 1
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" "C:\Program Files\Adobe\Adobe Illustrator CC 2017\CEP\extensions\com.adobe.ccx.start\index.html" e51cdc19-4dc1-4b28-9c42-06fa0acd4e9c 17176 ILST 21.0.0 com.adobe.ccx.start 1 "C:\Program Files\Adobe\Adobe Illustrator CC 2017\CEP\extensions\com.adobe.ccx.start" "illustrator" 64 WyItLW5vZGVqcy1kaXNhYmxlZCIsIi0taGlnaC1kcGktc3VwcG9ydD0xIiwiLS1kaXNhYmxlLXBpbmNoIl0= en_US 4283650899 1
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" --type=gpu-process --channel="17360.0.697149053\1899860458" --no-sandbox --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.illustrator.OnBoarding.log" --log-severity=error --params_ppid=ILST --params_serverid=17176 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4279 --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.illustrator.OnBoarding.log" --log-severity=error --params_ppid=ILST --params_serverid=17176 /prefetch:822062411
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.illustrator.OnBoarding.log" --log-severity=error --params_ppid=ILST --params_ppversion=21.0.0 --params_extensionid=com.adobe.illustrator.OnBoarding --params_loglevel=1 --params_serverid=17176 --params_extensionuuid=bc4d7811-7a2a-4731-8040-669c5c126c5f --params_windowid=264046 --params_commandline=e30= --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=17360 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="17360.1.826193919\860469151" /prefetch:673131151
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" --type=gpu-process --channel="11976.0.1274266170\819629303" --no-sandbox --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.ccx.start.log" --log-severity=error --params_ppid=ILST --params_serverid=17176 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4279 --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.ccx.start.log" --log-severity=error --params_ppid=ILST --params_serverid=17176 /prefetch:822062411
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" --type=renderer --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.ccx.start.log" --log-severity=error --params_ppid=ILST --params_ppversion=21.0.0 --params_extensionid=com.adobe.ccx.start --params_loglevel=1 --params_serverid=17176 --params_extensionuuid=e51cdc19-4dc1-4b28-9c42-06fa0acd4e9c --params_windowid=920830 --params_commandline=WyItLW5vZGVqcy1kaXNhYmxlZCIsIi0taGlnaC1kcGktc3VwcG9ydD0xIiwiLS1kaXNhYmxlLXBpbmNoIl0= --device-scale-factor=1 --font-cache-shared-mem-suffix=11976 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="11976.1.988602585\1210132520" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\server.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" "C:\Program Files\Adobe\Adobe Illustrator CC 2017\CEP\extensions\com.adobe.svgwriter\index.html" c6d30d6f-b7c4-45a1-9101-c7b1b1b55272 17176 ILST 21.0.0 com.adobe.svgwriter.extension 1 "C:\Program Files\Adobe\Adobe Illustrator CC 2017\CEP\extensions\com.adobe.svgwriter" "illustrator" 16 WyItLWVuYWJsZS1ub2RlanMiXQ== en_US 4283650899 1
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" --type=gpu-process --channel="1804.0.1296647273\891289460" --no-sandbox --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.svgwriter.extension.log" --log-severity=error --params_ppid=ILST --params_serverid=17176 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4279 --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.svgwriter.extension.log" --log-severity=error --params_ppid=ILST --params_serverid=17176 /prefetch:822062411
"C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en --log-file="C:\Users\Marek\AppData\Local\Temp\CEPHtmlEngine7-ILST-21.0.0-com.adobe.svgwriter.extension.log" --log-severity=error --params_ppid=ILST --params_ppversion=21.0.0 --params_extensionid=com.adobe.svgwriter.extension --params_loglevel=1 --params_serverid=17176 --params_extensionuuid=c6d30d6f-b7c4-45a1-9101-c7b1b1b55272 --params_windowid=397404 --params_commandline=WyItLWVuYWJsZS1ub2RlanMiXQ== --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=1804 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="1804.1.1427793953\148120507" /prefetch:673131151
taskhostw.exe
"C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe" --type=gpu-process --channel="10656.13.2077304934\1943924739" --mojo-application-channel-token=BB2143CB010BE82363B8FE338A011D9A --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,14,18,31,32,56,62,70 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4279 --gpu-driver-date=8-24-2015 --gpu-secondary-vendor-ids=0x0000;0x10de --gpu-secondary-device-ids=0x0000;0x139b --gpu-active-vendor-id=0x10de --gpu-active-device-id=0x139b --mojo-platform-channel-handle=3952 /prefetch:2
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe53_ Global\UsGthrCtrlFltPipeMssGthrPipe53 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 648 652 660 8192 656
"" "--START" "--REGISTER_PORT" "--ADDRESS" "127.0.0.1" "--PORT" "49331" "--PAUSE_ON_USER_SWITCHING" "--DEPEND_ON_KEY" "SYSTEM\CurrentControlSet\Services\ESRV_SVC_WILLAMETTE" "--DEPEND_ON_VALUE" "run" "--TIME_IN_MS" "--PAUSE" "5000" "--LIBRARY" "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll" "--NO_PL" "--WATCHDOG" "10" "--WATCHDOG_CPU_USAGE_LIMIT" "50" "--END_ON_ERROR" "--KERNEL_PRIORITY_BOOST" "--SHUTDOWN_PRIORITY_BOOST" "--DEVICE_OPTIONS" " time=no output=no output_folder='C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData\userlogs' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll'"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\AUDIODG.EXE 0x67c
"C:\Users\Marek\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2015-07-31 1512152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03 141496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-04 1402624]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-04 1402624]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-04 1402624]
"RtsFT"=C:\Windows\RTFTrack.exe [2015-08-30 5062384]
"LenovoUtility"=C:\Program Files\Lenovo\LenovoUtility\utility.exe [2016-07-11 791848]
"ACUW09EN"=C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe [2016-05-09 2090952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-29 3947704]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-01-06 1855544]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2015-06-15 57928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-01-19 2881824]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"ACDSeeCommanderUltimate9"=C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe [2016-05-09 3146936]
"GoogleChromeAutoLaunch_76888AFBA486CCF068F690F0F6295975"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-02-01 1116504]
"Akamai NetSession Interface"=C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"TimeDoctorLite"=C:\Program Files (x86)\TimeDoctorLite\timedoctorlite.exe [2016-11-23 6152080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-25 2383040]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-11-11 5565960]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
Slack.lnk - C:\Users\Marek\AppData\Local\slack\slack.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-02-10 22:15:31 ----D---- C:\Program Files\trend micro
2017-02-10 22:15:30 ----D---- C:\rsit
2017-02-10 17:15:51 ----D---- C:\Program Files (x86)\VulkanRT
2017-02-10 17:15:51 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2017-02-10 17:15:51 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2017-02-10 17:15:51 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2017-02-10 17:15:51 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2017-02-10 17:15:51 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2017-02-10 17:14:29 ----D---- C:\WINDOWS\LastGood
2017-02-02 17:28:10 ----D---- C:\WINDOWS\LastGood.Tmp
2017-01-25 17:19:52 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2017-01-25 17:19:52 ----A---- C:\WINDOWS\system32\poqexec.exe
2017-01-24 18:22:09 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2017-01-24 18:22:09 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2017-01-24 18:22:09 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2017-01-23 18:14:08 ----A---- C:\WINDOWS\system32\iMDriverHelper.dll
2017-01-21 22:39:36 ----AD---- C:\Program Files (x86)\LogMeIn Ignition
2017-01-21 22:39:27 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2017-01-21 22:39:27 ----A---- C:\WINDOWS\system32\LMIport.dll
2017-01-21 22:39:27 ----A---- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys.000.bak
2017-01-21 22:39:27 ----A---- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
2017-01-21 22:39:26 ----A---- C:\WINDOWS\system32\LMIinit.dll.000.bak
2017-01-21 22:39:26 ----A---- C:\WINDOWS\system32\LMIinit.dll
2017-01-21 22:39:22 ----AD---- C:\Program Files (x86)\LogMeIn
2017-01-20 22:35:30 ----D---- C:\ProgramData\GOG.com
2017-01-20 22:33:31 ----D---- C:\GOG Games
2017-01-20 10:17:24 ----AD---- C:\Program Files (x86)\Apple Software Update
2017-01-17 05:54:04 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2017-01-17 05:53:58 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2017-01-17 05:53:40 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2017-01-17 05:53:36 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2017-01-17 05:53:36 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2017-01-17 05:53:34 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2017-01-17 05:52:40 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2017-01-17 05:52:40 ----A---- C:\WINDOWS\system32\nvdispgenco6437654.dll
2017-01-17 05:52:36 ----A---- C:\WINDOWS\system32\nvdispco6437654.dll
2017-01-17 05:52:20 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2017-01-17 05:52:16 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2017-01-17 05:52:02 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2017-01-17 05:51:52 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2017-01-17 05:51:26 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-01-17 05:51:22 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2017-01-17 05:51:20 ----A---- C:\WINDOWS\system32\nvopencl.dll
2017-01-17 05:51:10 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-01-17 05:51:08 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2017-01-17 05:51:08 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-01-17 05:51:00 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2017-01-17 05:50:58 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2017-01-17 05:50:34 ----A---- C:\WINDOWS\system32\nvcuda.dll
2017-01-17 05:50:32 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2017-01-13 07:38:29 ----D---- C:\Users\Marek\AppData\Roaming\Apple Computer
2017-01-12 22:02:43 ----D---- C:\ProgramData\Apple Computer
2017-01-12 22:02:43 ----AD---- C:\Program Files (x86)\QuickTime
2017-01-12 22:02:01 ----D---- C:\ProgramData\Apple
2017-01-12 21:53:16 ----D---- C:\Users\Marek\AppData\Roaming\Publish Providers
2017-01-12 21:39:53 ----D---- C:\ProgramData\Sony
2017-01-12 21:39:53 ----D---- C:\Program Files\Sony
2017-01-12 21:39:53 ----D---- C:\Program Files (x86)\Sony
2017-01-12 21:39:36 ----D---- C:\Users\Marek\AppData\Roaming\Sony
2017-01-11 14:35:52 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 14:35:51 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 14:35:50 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 14:35:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 14:35:48 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 14:35:48 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 14:35:48 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 14:35:47 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 14:35:46 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 14:35:46 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-01-11 14:35:45 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-01-11 14:35:45 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 14:35:45 ----A---- C:\WINDOWS\system32\shell32.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 14:35:44 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-01-11 14:35:43 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 14:35:43 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 14:35:43 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 14:35:43 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 14:35:43 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 14:35:43 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 14:35:43 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 14:35:43 ----A---- C:\WINDOWS\system32\certprop.dll
2017-01-11 14:35:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 14:35:42 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-01-11 14:35:42 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-01-11 14:35:42 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-01-11 14:35:42 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-01-11 14:35:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-01-11 14:35:39 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-01-11 14:35:39 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-01-11 14:35:39 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 14:35:38 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-01-11 14:35:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-01-11 14:35:38 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 14:35:37 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-01-11 14:35:37 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-01-11 14:35:37 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-01-11 14:35:36 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 14:35:35 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-01-11 14:35:35 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-01-11 14:35:35 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 14:35:35 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-01-11 14:35:35 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 14:35:34 ----A---- C:\WINDOWS\system32\winmde.dll
2017-01-11 14:35:34 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 14:35:34 ----A---- C:\WINDOWS\system32\twinui.dll
2017-01-11 14:35:33 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 14:35:32 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-01-11 14:35:32 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-01-11 14:35:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 14:35:31 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 14:35:31 ----A---- C:\WINDOWS\system32\usocore.dll
2017-01-11 14:35:31 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 14:35:31 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 14:35:30 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 14:35:30 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-01-11 14:35:30 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 14:35:30 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-01-11 14:35:29 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 14:35:29 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 14:35:29 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 14:35:28 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 14:35:27 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 14:35:26 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-01-11 14:35:26 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 14:35:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 14:35:26 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-01-11 14:35:26 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-11 14:35:21 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 14:35:20 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-01-11 14:35:19 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 14:35:19 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-01-11 14:35:19 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 14:35:19 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 14:35:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 14:35:18 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-11 14:35:18 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 14:35:18 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 14:35:18 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 14:35:18 ----A---- C:\WINDOWS\system32\KnobsCore.dll

======List of files/folders modified in the last 1 month======

2017-02-10 22:15:31 ----RD---- C:\Program Files
2017-02-10 22:15:13 ----D---- C:\WINDOWS\Temp
2017-02-10 21:42:08 ----D---- C:\WINDOWS\system32\config
2017-02-10 21:42:05 ----RD---- C:\WINDOWS\Microsoft.NET
2017-02-10 21:42:05 ----D---- C:\WINDOWS\Prefetch
2017-02-10 21:27:39 ----SHD---- C:\WINDOWS\Installer
2017-02-10 21:27:38 ----D---- C:\WINDOWS\system32\sru
2017-02-10 19:46:19 ----D---- C:\WINDOWS\system32\SleepStudy
2017-02-10 17:16:20 ----D---- C:\ProgramData\NVIDIA Corporation
2017-02-10 17:16:10 ----D---- C:\WINDOWS\INF
2017-02-10 17:16:10 ----D---- C:\ProgramData\NVIDIA
2017-02-10 17:16:01 ----D---- C:\WINDOWS\SysWOW64
2017-02-10 17:15:51 ----RD---- C:\Program Files (x86)
2017-02-10 17:15:51 ----D---- C:\WINDOWS\System32
2017-02-10 17:14:29 ----AD---- C:\Windows
2017-02-10 17:14:23 ----D---- C:\WINDOWS\system32\DriverStore
2017-02-10 17:14:23 ----D---- C:\WINDOWS\system32\CatRoot
2017-02-10 17:14:22 ----D---- C:\WINDOWS\system32\catroot2
2017-02-10 11:58:38 ----D---- C:\WINDOWS\AppReadiness
2017-02-10 10:52:03 ----HD---- C:\Program Files\WindowsApps
2017-02-10 10:48:38 ----D---- C:\Users\Marek\AppData\Roaming\vlc
2017-02-10 01:36:55 ----D---- C:\Program Files (x86)\Steam
2017-02-10 00:01:17 ----D---- C:\ProgramData\LogMeIn
2017-02-09 19:57:24 ----RSD---- C:\WINDOWS\assembly
2017-02-09 10:14:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-09 10:14:15 ----SHD---- C:\System Volume Information
2017-02-09 10:09:15 ----D---- C:\Users\Marek\AppData\Roaming\Slack
2017-02-09 10:08:47 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-09 10:08:42 ----D---- C:\WINDOWS\system32\drivers
2017-02-09 10:08:29 ----A---- C:\WINDOWS\system32\lmimirr2.dll
2017-02-09 10:08:29 ----A---- C:\WINDOWS\system32\lmimirr.dll
2017-02-09 10:08:13 ----D---- C:\WINDOWS\Minidump
2017-02-07 08:23:57 ----D---- C:\WINDOWS\LiveKernelReports
2017-02-07 01:03:07 ----D---- C:\Users\Marek\AppData\Roaming\The Creative Assembly
2017-02-05 16:02:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-05 16:02:28 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-02-03 10:31:16 ----D---- C:\Program Files (x86)\Google
2017-02-01 06:29:54 ----D---- C:\ProgramData\Lenovo
2017-02-01 06:29:43 ----D---- C:\Program Files (x86)\Lenovo
2017-02-01 06:29:30 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-01-28 19:28:12 ----D---- C:\WINDOWS\system32\Tasks
2017-01-25 17:42:46 ----D---- C:\WINDOWS\CbsTemp
2017-01-25 17:42:44 ----D---- C:\WINDOWS\WinSxS
2017-01-24 23:40:39 ----RSD---- C:\WINDOWS\Fonts
2017-01-24 18:22:20 ----D---- C:\Program Files\NVIDIA Corporation
2017-01-24 18:22:20 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-01-24 01:18:04 ----HD---- C:\ProgramData
2017-01-22 01:59:36 ----D---- C:\Users\Marek\AppData\Roaming\uTorrent
2017-01-17 05:52:44 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2017-01-17 05:51:16 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2017-01-17 05:51:10 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2017-01-17 05:50:32 ----A---- C:\WINDOWS\system32\nvapi64.dll
2017-01-17 05:50:30 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2017-01-14 02:43:17 ----D---- C:\WINDOWS\rescache
2017-01-12 22:02:01 ----D---- C:\Program Files (x86)\Common Files
2017-01-11 17:36:37 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 17:36:37 ----D---- C:\WINDOWS\system32\wbem
2017-01-11 17:36:37 ----D---- C:\WINDOWS\system32\oobe
2017-01-11 17:36:36 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-01-11 17:36:36 ----D---- C:\WINDOWS\ShellExperiences
2017-01-11 17:36:36 ----D---- C:\WINDOWS\Provisioning
2017-01-11 17:36:36 ----D---- C:\Program Files\Internet Explorer
2017-01-11 17:36:36 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-11 14:43:09 ----D---- C:\WINDOWS\system32\MRT
2017-01-11 14:41:44 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-01-11 12:31:13 ----D---- C:\WINDOWS\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2016-11-20 199304]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-11-20 262792]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-11-20 197248]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2017-02-09 23232]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2016-11-20 181384]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2017-02-09 30448]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2017-02-09 81088]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 ACPIVPC;@oem3.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-04 42328]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2016-09-15 168448]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-16 114176]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2016-07-16 37376]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-09-15 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-16 84992]
R3 dtlitescsibus;@oem13.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-07-11 30264]
R3 Hamachi;@oem1.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2016-08-31 45680]
R3 ibtusb;@oem122.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-12-12 230656]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-09-09 6415272]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-04 4486400]
R3 IntcDAud;@oem24.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-08 473864]
R3 MEIx64;@oem53.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-02-10 194624]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2016-05-03 3520264]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [2017-01-17 14190520]
R3 nvvad_WaveExtensible;@oem115.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-01-06 47672]
R3 nvvhci;@oem121.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-01-06 59448]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@oem25.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSPER;@oem44.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-08-12 759552]
R3 rtsuvc;@oem20.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-08-30 3069680]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-08-29 42696]
R3 SynTP;@oem6.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-08-29 622264]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-10-31 15488]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem50.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2015-07-10 139632]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 ldiagio_uefi;ldiagio; \??\C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [2015-12-22 25248]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-01-06 29240]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;@oem55.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 ssudserd;@oem54.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2016-09-05 165504]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-25 744640]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-01-19 2227312]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2016-12-06 680288]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_e10a9;CDPUserSvc_e10a9; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-11-20 2771848]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-05-03 642464]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-11-11 2627080]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2016-08-26 192200]
R2 ibtsiva;@oem122.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-09-09 359848]
R2 ImControllerService;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-01-23 61768]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-11-11 419248]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2017-02-09 509448]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2015-06-15 407424]
R2 MSSQL$ADONISCE30;SQL Server (ADONISCE30); C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADONISCE30\MSSQL\Binn\sqlservr.exe [2012-12-29 160768]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-06 464440]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-01-06 427064]
R2 OneSyncSvc_e10a9;Sync Host_e10a9; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-05-03 157088]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-02-11 269912]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [2016-06-08 117400]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_e10a9;Kontaktné údaje_e10a9; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-19 1464096]
R3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2017-01-18 23416]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-06-08 416408]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-11 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe []
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10 270936]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-09-09 291752]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-11 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-08-24 273232]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_e10a9;MessagingService_e10a9; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 mi-raysat_3dsmax2017_64;mental ray Satellite for Autodesk 3ds Max 2017 64-bit; E:\3Ds MAX\3ds Max 2017\raysat_3dsmax2017_64server.exe [2011-09-15 86016]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-05-03 268704]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-06 464440]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 SQLAgent$ADONISCE30;SQL Server Agent (ADONISCE30); C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADONISCE30\MSSQL\Binn\SQLAGENT.EXE [2012-12-29 448488]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - suspicious behaviour

#2 Post by Rudy »

Hello!
The CAPTCHA prompts from Google need not be caused by a virus on your PC. Google sees only the router of the network you are connected to (your provider's network). And if increased access to Google is recorded from that network, it throws up a CAPTCHA. That is how it prevents DDoS attacks. We will check the log nonetheless. Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

IVIarkI2I
Model visitor
Posts: 38
Registered: 20 Jul 2008 15:56

Re: Log check - suspicious behaviour

#3 Post by IVIarkI2I »

Hello,

it found threats, but when I clicked Clean, Windows froze

I at least have the log from the scan,

# AdwCleaner v6.043 - *Logfile created 11/02/2017 *at 20:48:51
# *Updated on 27/01/2017 by Malwarebytes
# *Database : 2017-02-09.1 [*Local]
# *Operating System : Windows 10 Home (X64)
# *Username : Marek - MAREK-PC
# *Running from : C:\Users\Marek\Downloads\adwcleaner_6.043.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****

*No malicious services found.


***** [ *Folders ] *****

*No malicious folders found.


***** [ *Files ] *****

*No malicious files found.


***** [ DLL ] *****

*No malicious DLLs found.


***** [ WMI ] *****

*No malicious keys found.


***** [ *Shortcuts ] *****

*No infected shortcut found.


***** [ *Scheduled tasks ] *****

*No malicious task found.


***** [ *Registry ] *****

*Key Found: HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
*Key Found: HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}
*Key Found: HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
*Key Found: HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
*Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E727987-C8EA-44DA-8749-310C0FBE3C3E}
*Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [chromebrowser]


***** [ *Web browsers ] *****

*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1705 *Bytes] - [11/02/2017 20:37:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [1620 *Bytes] - [11/02/2017 20:48:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1694 *Bytes] ##########

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - suspicious behaviour

#4 Post by Rudy »

Try running it in safe mode.

IVIarkI2I
Model visitor
Posts: 38
Registered: 20 Jul 2008 15:56

Re: Log check - suspicious behaviour

#5 Post by IVIarkI2I »

thanks ;)

# AdwCleaner v6.043 - *Logfile created 12/02/2017 *at 13:55:16
# *Updated on 27/01/2017 by Malwarebytes
# *Database : 2017-02-09.1 [*Local]
# *Operating System : Windows 10 Home (X64)
# *Username : Marek - MAREK-PC
# *Running from : C:\Users\Marek\Downloads\adwcleaner_6.043.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E727987-C8EA-44DA-8749-310C0FBE3C3E}
[-] *Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [chromebrowser]


***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1369 *Bytes] - [12/02/2017 13:55:16]
C:\AdwCleaner\AdwCleaner[S0].txt - [1705 *Bytes] - [11/02/2017 20:37:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [1778 *Bytes] - [11/02/2017 20:48:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [1852 *Bytes] - [11/02/2017 20:58:57]
C:\AdwCleaner\AdwCleaner[S3].txt - [1926 *Bytes] - [12/02/2017 13:55:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1739 *Bytes] ##########

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - suspicious behaviour

#6 Post by Rudy »

OK. Now post the FRST log: http://forum.viry.cz/viewtopic.php?f=24&t=132509 from normal mode.

IVIarkI2I
Model visitor
Posts: 38
Registered: 20 Jul 2008 15:56

Re: Log check - suspicious behaviour

#7 Post by IVIarkI2I »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017
Ran by Marek (administrator) on MAREK-PC (12-02-2017 16:58:48)
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADONISCE30\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Akamai Technologies, Inc.) C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\TimeDoctorLite\timedoctorlite.exe
(Slack Technologies) C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Slack Technologies) C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe
(Slack Technologies) C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe
(Slack Technologies) C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Slack Technologies) C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe
(Slack Technologies) C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe
(Slack Technologies) C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe
(Slack Technologies) C:\Users\Marek\AppData\Local\slack\app-2.4.1\slack.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo) C:\Users\Marek\AppData\Local\Apps\2.0\0JL3ZTPT.ZP3\C9618YAY.CBO\lsb...tion_2d7b41b05b24775e_0001.0006_6c5982beb50abfca\LSB.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(InstallShield Software) C:\Users\Marek\AppData\Local\Tempzxpsignd0bb79e565bd5e78\ISSCH\issch.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(forum.viry.cz) C:\Users\Marek\Downloads\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5062384 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-07-11] ()
HKLM\...\Run: [ACUW09EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe [2090952 2016-05-09] (ACD Systems)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3947704 2015-08-29] (Synaptics Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2015-06-15] (LogMeIn, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation)
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\Run: [ACDSeeCommanderUltimate9] => C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe [3146936 2016-05-09] ()
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\Run: [GoogleChromeAutoLaunch_76888AFBA486CCF068F690F0F6295975] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.)
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\Run: [TimeDoctorLite] => C:\Program Files (x86)\TimeDoctorLite\timedoctorlite.exe [6152080 2016-11-23] ()
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {222e3009-5ce5-11e6-85f3-104a7d525e99} - "J:\setup.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {3759a9f3-9af4-11e6-8613-104a7d525e99} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {8539c752-4dd0-11e6-85ed-104a7d525e99} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {999cfe7b-477d-11e6-85e6-f0761cb998c0} - "F:\setup.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {a315ee39-7e4d-11e6-8603-104a7d525e99} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {b995d645-a544-11e6-8618-f0761cb998c0} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {e11688b8-76ba-11e6-85fe-104a7d525e99} - "D:\Setup.exe"
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2016-11-14] ()
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-10-23]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (No File)
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Slack.lnk [2017-01-11]
ShortcutTarget: Slack.lnk -> C:\Users\Marek\AppData\Local\slack\slack.exe (Slack Technologies)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c38bcba9-3026-427e-8983-972a31d0aced}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e941371d-43e2-41e8-aedd-a7bd5dc71c64}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{ee95bfb9-0311-4fa1-bcc1-9b334d0925a1}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: q8g9x8yo.default
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default [2017-02-12]
FF Homepage: Mozilla\Firefox\Profiles\q8g9x8yo.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\q8g9x8yo.default -> is enabled.
FF Extension: (zBReviewBoard) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\@zbreviewboard.xpi [2017-01-26]
FF Extension: (Facebook Messenger Panel) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\fbmessengerpanel@alejandrobrizuela.com.ar.xpi [2016-07-11]
FF Extension: (Firefox Hotfix) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-04]
FF Extension: (MEGA) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\firefox@mega.co.nz.xpi [2017-02-10]
FF Extension: (QuickNote) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\{C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}.xpi [2016-07-11]
FF Extension: (Adblock Plus) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF ProfilePath: C:\Users\Marek\AppData\Roaming\KompoZer\Profiles\8506wknh.default [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default [2017-02-12]
CHR Extension: (Prezentácie Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-11]
CHR Extension: (Dokumenty Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-11]
CHR Extension: (Disk Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-11]
CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-11]
CHR Extension: (Odi) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbnbpbgmlciobnjmpopcdfkfdjjghdg [2016-10-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Tabuľky Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-11]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-08-16]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-11]
CHR Extension: (Chrome Media Router) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2771848 2016-11-20] (ESET)
S2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [61768 2017-01-23] (Lenovo Group Limited)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [509448 2017-02-09] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-06-15] (LogMeIn, Inc.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
S3 mi-raysat_3dsmax2017_64; E:\3Ds MAX\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-15] () [File not signed]
R2 MSSQL$ADONISCE30; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADONISCE30\MSSQL\Binn\sqlservr.exe [160768 2012-12-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-05-03] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-06] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-01-06] (NVIDIA Corporation)
S4 SQLAgent$ADONISCE30; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADONISCE30\MSSQL\Binn\SQLAGENT.EXE [448488 2012-12-29] (Microsoft Corporation)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-05-03] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-11] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [262792 2016-11-20] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [199304 2016-11-20] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-10-31] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [197248 2016-11-20] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [181384 2016-11-20] (ESET)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-07-10] (Gemalto)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2016-08-31] (LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
S3 ldiagio_uefi; C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [25248 2015-12-22] (Lenovo Group Limited (R))
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [30448 2017-02-09] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3520264 2016-05-03] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-01-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-01-06] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-08-12] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3069680 2015-08-30] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-29] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 16:58 - 2017-02-12 16:59 - 00028587 _____ C:\Users\Marek\Desktop\FRST.txt
2017-02-12 16:58 - 2017-02-12 16:58 - 00029696 _____ C:\Users\Marek\AppData\Local\MSGBOX.EXE
2017-02-12 16:58 - 2017-02-12 16:58 - 00015327 _____ C:\Users\Marek\Desktop\LM.bat
2017-02-12 16:58 - 2017-02-12 16:58 - 00000000 ____D C:\FRST
2017-02-12 16:57 - 2017-02-12 16:57 - 00112640 _____ (forum.viry.cz) C:\Users\Marek\Downloads\FRSTLauncher.exe
2017-02-12 16:56 - 2017-02-12 16:56 - 02421248 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2017-02-12 14:02 - 2017-02-12 14:02 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignec5566eb878b153d
2017-02-12 14:02 - 2017-02-12 14:02 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignd1cee442f84b34e2
2017-02-12 14:02 - 2017-02-12 14:02 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign727681be0af92854
2017-02-12 13:54 - 2017-02-12 13:54 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-11 22:13 - 2017-02-11 22:25 - 00000000 ____D C:\Users\Marek\Documents\GTA San Andreas User Files
2017-02-11 20:49 - 2017-02-11 20:49 - 00001778 _____ C:\Users\Marek\Desktop\AdwCleaner[S1].txt
2017-02-11 20:35 - 2017-02-12 13:55 - 00000000 ____D C:\AdwCleaner
2017-02-11 20:35 - 2017-02-11 20:35 - 04015056 _____ C:\Users\Marek\Downloads\adwcleaner_6.043.exe
2017-02-11 12:46 - 2017-02-11 12:46 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignd5ea23d8af3e1479
2017-02-11 12:46 - 2017-02-11 12:46 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign247ebdbf0ae2ca84
2017-02-10 22:15 - 2017-02-10 22:15 - 01222144 _____ C:\Users\Marek\Downloads\RSITx64.exe
2017-02-10 22:15 - 2017-02-10 22:15 - 00000000 ____D C:\rsit
2017-02-10 22:15 - 2017-02-10 22:15 - 00000000 ____D C:\Program Files\trend micro
2017-02-10 21:58 - 2017-02-10 21:58 - 00092054 _____ C:\Users\Marek\Downloads\Honeywell-vector-logo-F4628F0B26-seeklogo.com.zip
2017-02-10 21:56 - 2017-02-10 21:56 - 00015948 _____ C:\Users\Marek\Downloads\Borg_Warner-vector-logo-FF70A826D6-seeklogo.com.zip
2017-02-10 21:50 - 2017-02-10 21:50 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign8293d81a224e3e1c
2017-02-10 21:50 - 2017-02-10 21:50 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign3c1e8b34dccf4318
2017-02-10 21:44 - 2017-02-10 21:44 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb708a2349fa9248d
2017-02-10 21:44 - 2017-02-10 21:44 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign5fa1c495af112426
2017-02-10 19:37 - 2017-02-10 19:37 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignfb8f92a1e02f9c16
2017-02-10 19:37 - 2017-02-10 19:37 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign83129dc1630e42aa
2017-02-10 19:37 - 2017-02-10 19:37 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign30988693d8eeb607
2017-02-10 18:59 - 2017-02-10 18:59 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignaf730f630b526a69
2017-02-10 18:59 - 2017-02-10 18:59 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigna2cea8a91ecf9648
2017-02-10 18:59 - 2017-02-10 18:59 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign71b68ccabeced3e7
2017-02-10 17:15 - 2017-02-10 17:15 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-10 17:15 - 2016-12-29 13:28 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-10 17:15 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-10 17:15 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-10 17:15 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-10 17:15 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-09 10:08 - 2017-02-09 10:08 - 00675212 _____ C:\WINDOWS\Minidump\020917-5109-01.dmp
2017-02-08 17:07 - 2017-02-08 17:07 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignf73c54226b032c0a
2017-02-08 17:07 - 2017-02-08 17:07 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigna6b1bb818d510c09
2017-02-08 17:07 - 2017-02-08 17:07 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign41e1bf011b6e6080
2017-02-08 10:28 - 2017-02-08 10:29 - 1073805375 _____ C:\Users\Marek\Desktop\Yrobot interview Bratislava.mp4
2017-02-08 10:22 - 2017-02-08 10:22 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignf98217bb85e5adee
2017-02-08 10:22 - 2017-02-08 10:22 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign99a45b37565f7268
2017-02-08 10:22 - 2017-02-08 10:22 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign2df3b6f73869fa14
2017-02-08 10:19 - 2017-02-08 10:19 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign916eb4016a7d9231
2017-02-08 10:18 - 2017-02-08 10:18 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigneb86bac51b188ac7
2017-02-08 10:18 - 2017-02-08 10:18 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign7588a20b5fc43722
2017-02-07 09:09 - 2017-02-07 09:09 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignd20e2cbea5e1e869
2017-02-07 09:08 - 2017-02-07 09:08 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign9fa4098e9d9992d3
2017-02-07 09:08 - 2017-02-07 09:08 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign836730a8fd9893fe
2017-02-07 08:57 - 2017-02-07 08:57 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignf24d1049e27a2a5e
2017-02-07 08:57 - 2017-02-07 08:57 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign81bda76a1f1e11a5
2017-02-07 08:57 - 2017-02-07 08:57 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign3b1930011cdec432
2017-02-07 01:26 - 2017-02-07 01:27 - 07284661 _____ C:\Users\Marek\Desktop\VW2.pdf
2017-02-07 01:06 - 2017-02-07 01:06 - 00340627 _____ C:\Users\Marek\Downloads\IS 2.2.1b Patch 2.7z
2017-02-07 01:02 - 2017-02-07 01:03 - 313096685 _____ C:\Users\Marek\Desktop\IS_221b_patch.7z
2017-02-07 00:59 - 2017-02-07 03:36 - 265758546 _____ C:\Users\Marek\Desktop\VW.psd
2017-02-07 00:59 - 2017-02-07 03:36 - 07241836 _____ C:\Users\Marek\Desktop\VW.pdf
2017-02-06 23:33 - 2017-02-06 23:33 - 00000221 _____ C:\Users\Marek\Desktop\Empire Total War.url
2017-02-06 23:21 - 2017-02-06 23:21 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb323ac81bec8f80c
2017-02-06 23:21 - 2017-02-06 23:21 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign9858d0f6acec2600
2017-02-06 23:21 - 2017-02-06 23:21 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign2f20e069fd2cc2c1
2017-02-06 20:13 - 2017-02-06 20:13 - 10739765 _____ C:\Users\Marek\Desktop\dadko goleso3.pdf
2017-02-06 19:29 - 2017-02-06 19:44 - 1048923621 _____ () C:\Users\Marek\Downloads\IS_Installer_221b.exe
2017-02-06 18:22 - 2017-02-06 18:22 - 11160516 _____ C:\Users\Marek\Downloads\IS_RotR_closed_beta_campaigns.7z
2017-02-06 18:21 - 2017-02-06 18:22 - 205273570 _____ C:\Users\Marek\Downloads\IS_RotR_open_beta_part3.7z
2017-02-06 18:20 - 2017-02-06 18:21 - 375891667 _____ C:\Users\Marek\Downloads\IS_RotR_open_beta_part2.7z
2017-02-06 18:19 - 2017-02-06 18:20 - 306539439 _____ C:\Users\Marek\Downloads\IS_RotR_open_beta_part1.7z
2017-02-06 04:38 - 2017-02-06 04:38 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb3e9d7468216f2c9
2017-02-06 04:38 - 2017-02-06 04:38 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign92db260d8034c0b0
2017-02-06 04:38 - 2017-02-06 04:38 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign02f899d747a5c020
2017-02-06 04:27 - 2017-02-06 04:27 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigncfd1bb65a3abedf3
2017-02-06 04:27 - 2017-02-06 04:27 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignc00d0a1e5ebe5236
2017-02-06 04:27 - 2017-02-06 04:27 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign8923b05f71de756c
2017-02-06 03:23 - 2017-02-06 03:23 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb93c319c61708d4c
2017-02-06 03:22 - 2017-02-06 03:22 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigndc9909d6d81bbfad
2017-02-06 03:22 - 2017-02-06 03:22 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign33acb66315e35ca3
2017-02-05 16:28 - 2017-02-05 16:28 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigneb3a0bef64c864a8
2017-02-05 16:28 - 2017-02-05 16:28 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign899b6c9ed42d881a
2017-02-05 16:28 - 2017-02-05 16:28 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign8376cb452367a379
2017-02-05 16:15 - 2017-02-05 16:15 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigncc43410b7089c7d0
2017-02-05 16:15 - 2017-02-05 16:15 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign96f37599989cf889
2017-02-05 16:15 - 2017-02-05 16:15 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign3112cceefc5fdf1c
2017-02-05 15:56 - 2017-02-05 16:18 - 717951302 _____ (Teytrie ) C:\Users\Marek\Downloads\teylogy.exe
2017-02-05 15:50 - 2017-02-05 15:50 - 00000221 _____ C:\Users\Marek\Desktop\Grand Theft Auto San Andreas.url
2017-02-04 19:56 - 2017-02-04 19:56 - 00001944 _____ C:\Users\Marek\Desktop\NTW3 v7.2.lnk
2017-02-04 18:41 - 2017-02-04 18:55 - 2042196012 _____ (The Lordz Collective ) C:\Users\Marek\Downloads\NTW3-7.2-setup(1).exe
2017-02-04 03:33 - 2017-02-04 03:33 - 190290253 _____ C:\Users\Marek\Downloads\102design_rollup_freebie.zip
2017-02-04 03:33 - 2017-02-04 03:33 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign3ec7c015d2b3fd37
2017-02-04 03:33 - 2017-02-04 03:33 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign0e1971e14c973d46
2017-02-04 03:33 - 2017-02-04 03:33 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign0bd1fc211087f554
2017-02-04 03:11 - 2017-02-04 03:11 - 00997394 _____ C:\Users\Marek\Downloads\Attachments_201724.zip
2017-02-04 02:19 - 2017-02-04 02:19 - 00006570 _____ C:\Users\Marek\Downloads\led-26354.svg
2017-02-03 10:57 - 2017-02-03 10:57 - 00030287 _____ C:\Users\Marek\Downloads\ik_playlist(1).xspf
2017-02-03 10:31 - 2017-02-03 10:31 - 00002227 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-03 10:31 - 2017-02-03 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-02 17:31 - 2017-02-02 17:31 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign981944f2329c78fe
2017-02-02 17:30 - 2017-02-02 17:30 - 05160823 _____ C:\Users\Marek\Downloads\Attachments_201722.zip
2017-02-02 17:30 - 2017-02-02 17:30 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignc7c435bee87bafde
2017-02-02 17:30 - 2017-02-02 17:30 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign82546808ed8a6e98
2017-02-02 17:30 - 2017-02-02 17:30 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign0867e9f8c85464e7
2017-02-02 17:30 - 2017-02-02 16:30 - 02988246 _____ C:\Users\Marek\Desktop\fri rollup_5 bleeds.pdf
2017-02-02 17:30 - 2017-02-02 16:30 - 02987210 _____ C:\Users\Marek\Desktop\fri rollup_5 .pdf
2017-02-02 02:39 - 2017-02-02 02:39 - 00000000 ____D C:\Users\Marek\AppData\Local\Tvsukernel
2017-02-01 10:06 - 2017-02-01 10:06 - 01918372 _____ C:\Users\Marek\Desktop\StMn 2016 POLIAČIK.pdf
2017-02-01 07:43 - 2017-02-01 07:43 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb2d378d16fbbc13c
2017-02-01 07:43 - 2017-02-01 07:43 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigna4a25c1f9178d391
2017-02-01 07:43 - 2017-02-01 07:43 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign16c89194eda1ff4c
2017-02-01 03:24 - 2017-02-01 03:25 - 227132787 _____ C:\Users\Marek\Downloads\MS-Visio-2007-PRO-CZ.rar
2017-02-01 02:51 - 2017-02-01 02:51 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign6db164cec0129b74
2017-02-01 02:50 - 2017-02-01 02:50 - 12042249 _____ C:\Users\Marek\Downloads\DP 2017.pdf
2017-02-01 02:48 - 2017-02-01 02:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign8beff9aada06d327
2017-02-01 02:48 - 2017-02-01 02:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign5eb5ed79288eccd9
2017-02-01 02:48 - 2017-02-01 02:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign3960177bf0acee52
2017-02-01 02:48 - 2017-02-01 02:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign369ac200f098bf4d
2017-02-01 00:51 - 2017-02-01 00:51 - 00859437 _____ C:\Users\Marek\Downloads\skripta_sm.pdf
2017-02-01 00:45 - 2017-02-01 09:51 - 02186873 _____ C:\Users\Marek\Desktop\analyzy.ai
2017-01-31 18:13 - 2017-01-31 18:13 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignd08d9e427ccdc298
2017-01-31 18:13 - 2017-01-31 18:13 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigncdc6b8878a5356c4
2017-01-31 18:13 - 2017-01-31 18:13 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb243f0148d767890
2017-01-31 18:13 - 2017-01-31 18:13 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign639eece8ca16835b
2017-01-31 18:12 - 2017-01-31 18:12 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignf925c7dd9793cbd5
2017-01-31 18:12 - 2017-01-31 18:12 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignf7bc63c0ab3b4948
2017-01-31 18:12 - 2017-01-31 18:12 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignedb7a931df2ddc5a
2017-01-31 18:12 - 2017-01-31 18:12 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign31dd164bf446ff14
2017-01-30 16:24 - 2017-01-30 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2017-01-30 16:24 - 2017-01-30 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-01-29 04:00 - 2017-02-01 03:11 - 83305994 _____ C:\Users\Marek\Desktop\kaiser.ai
2017-01-29 00:19 - 2017-01-29 00:19 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb6f1729783ec8096
2017-01-29 00:19 - 2017-01-29 00:19 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigna72e626ade5922a4
2017-01-29 00:19 - 2017-01-29 00:19 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign5577280110b768cf
2017-01-28 19:27 - 2017-01-28 19:28 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-28 17:10 - 2017-01-28 17:10 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigna7cbf1fb5692481c
2017-01-28 17:10 - 2017-01-28 17:10 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign39991f7988e2a427
2017-01-28 17:09 - 2017-01-28 17:09 - 00167105 _____ C:\Users\Marek\Downloads\mcdonald-s-vector-logo-BBC5DC88E0-seeklogo.com.zip
2017-01-26 04:37 - 2017-01-26 04:41 - 00300231 _____ C:\Users\Marek\Desktop\tahak.pdf
2017-01-25 22:23 - 2017-01-25 22:23 - 01333904 _____ C:\Users\Marek\Desktop\ref10_podnikatelske_strategie.pdf
2017-01-25 22:01 - 2017-01-25 22:01 - 00020670 _____ C:\Users\Marek\Downloads\Strategický-manažment-2hý-pokus.odt
2017-01-25 21:54 - 2017-01-25 21:54 - 00183230 _____ C:\Users\Marek\Desktop\vypracované-str-otázky.pdf
2017-01-25 17:24 - 2017-01-25 17:24 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign97ef092d2cec713d
2017-01-25 17:24 - 2017-01-25 17:24 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign75b235ec7496cc0e
2017-01-25 17:24 - 2017-01-25 17:24 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign6dd444720ec5281c
2017-01-25 17:23 - 2017-01-25 17:23 - 00160906 _____ C:\Users\Marek\Desktop\[Untitled].pdf
2017-01-25 17:19 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 17:19 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-25 00:25 - 2017-01-25 00:25 - 00120461 _____ C:\Users\Marek\Downloads\pistol_vector.zip
2017-01-24 23:40 - 2017-01-24 23:40 - 00020684 _____ C:\Users\Marek\Downloads\marlboro.zip
2017-01-24 23:40 - 2003-08-31 15:52 - 00039536 _____ C:\Users\Marek\Desktop\Marlboro.ttf
2017-01-24 22:12 - 2017-01-24 22:12 - 05152271 _____ C:\Users\Marek\Desktop\Training_day.ai
2017-01-24 22:12 - 2017-01-24 22:12 - 01856460 _____ C:\Users\Marek\Desktop\Training_day.pdf
2017-01-24 21:53 - 2017-01-24 21:53 - 05072705 _____ C:\Users\Marek\Downloads\Moj_navrh.ai
2017-01-24 19:08 - 2017-01-24 19:08 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignd619c7a945e5512d
2017-01-24 19:08 - 2017-01-24 19:08 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign5e316f158c0c89b6
2017-01-24 19:08 - 2017-01-24 19:08 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign54c4334c31a28730
2017-01-24 18:22 - 2017-01-06 02:10 - 00158264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-01-24 18:22 - 2017-01-06 02:10 - 00126008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-01-24 18:22 - 2017-01-06 02:10 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-01-24 18:21 - 2017-01-24 18:21 - 37572608 _____ C:\Users\Marek\Downloads\KJ2016.indd
2017-01-24 18:21 - 2017-01-24 18:21 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignf916ae7685deb10b
2017-01-24 18:21 - 2017-01-24 18:21 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigna406f23099179855
2017-01-24 18:21 - 2017-01-24 18:21 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign45f0ffbd9754bf8a
2017-01-24 02:30 - 2017-01-24 02:36 - 00000000 ____D C:\Users\Marek\Downloads\Fear and Loathing in Las Vegas
2017-01-24 01:18 - 2017-02-09 10:08 - 1005712881 _____ C:\WINDOWS\MEMORY.DMP
2017-01-24 01:18 - 2017-01-24 01:18 - 00544068 _____ C:\WINDOWS\Minidump\012417-4765-01.dmp
2017-01-23 18:47 - 2015-05-12 15:58 - 01845208 _____ C:\Users\Marek\Desktop\BP_komunikacnyMix_MPoliačik.pdf
2017-01-23 18:14 - 2017-01-23 18:14 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-01-23 00:15 - 2017-01-23 00:15 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 1of2)
2017-01-22 19:51 - 2017-01-22 19:51 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigncb35e5c7c172b867
2017-01-22 19:51 - 2017-01-22 19:51 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignc12e19af6ca473d0
2017-01-22 19:51 - 2017-01-22 19:51 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign283d23fd2198fb6a
2017-01-22 19:50 - 2017-01-22 19:50 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign39ed81293b49954c
2017-01-22 19:50 - 2017-01-22 19:50 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign3363f87e5365d63e
2017-01-22 19:50 - 2017-01-22 19:50 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign1fa6e955a18d3980
2017-01-22 17:02 - 2017-01-22 17:02 - 00000000 ____D C:\Users\Marek\AppData\Local\yo_cm_client
2017-01-22 17:02 - 2017-01-22 17:02 - 00000000 ____D C:\Users\Marek\.yo_cm_client
2017-01-22 04:27 - 2017-01-22 04:27 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignfc58b9e7f670994c
2017-01-22 04:10 - 2017-01-22 04:10 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign36df9626ff482e01
2017-01-22 04:10 - 2017-01-22 04:10 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign320267d6e26a7daa
2017-01-22 04:07 - 2017-01-22 04:07 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigne156a4c294165087
2017-01-22 04:07 - 2017-01-22 04:07 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignccef4d1c27dd0788
2017-01-22 04:07 - 2017-01-22 04:07 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign186e97c2aa0ede0a
2017-01-22 04:06 - 2017-01-22 04:06 - 00692463 _____ C:\Users\Marek\Downloads\shopping_bags.zip
2017-01-22 04:06 - 2011-04-02 18:41 - 02746988 _____ C:\Users\Marek\Desktop\shopping_bags.psd
2017-01-21 22:39 - 2017-02-12 13:55 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2017-01-21 22:39 - 2017-02-09 10:08 - 00122400 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIRfsClientNP.dll
2017-01-21 22:39 - 2017-02-09 10:08 - 00107520 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll
2017-01-21 22:39 - 2017-02-09 10:08 - 00081088 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMIRfsDriver.sys
2017-01-21 22:39 - 2017-02-09 10:08 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2017-01-21 22:39 - 2017-01-21 22:39 - 00002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2017-01-21 22:39 - 2017-01-21 22:39 - 00001024 _____ C:\.rnd
2017-01-21 22:39 - 2017-01-21 22:39 - 00000000 ____D C:\Users\Default\AppData\Local\MicrosoftEdge
2017-01-21 22:39 - 2017-01-21 22:39 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeInIgnition
2017-01-21 22:39 - 2017-01-21 22:39 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn
2017-01-21 22:39 - 2017-01-21 22:39 - 00000000 ____D C:\Users\Default User\AppData\Local\MicrosoftEdge
2017-01-21 22:39 - 2017-01-21 22:39 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeInIgnition
2017-01-21 22:39 - 2017-01-21 22:39 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn
2017-01-21 22:39 - 2017-01-21 22:39 - 00000000 ____D C:\Program Files (x86)\LogMeIn Ignition
2017-01-21 22:39 - 2016-12-06 15:15 - 00107520 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll.000.bak
2017-01-21 22:39 - 2016-01-29 10:53 - 00035328 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIport.dll
2017-01-21 22:39 - 2015-06-15 08:14 - 00072216 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMIRfsDriver.sys.000.bak
2017-01-21 22:22 - 2017-01-21 22:22 - 00000222 _____ C:\Users\Marek\Desktop\Life is Feudal Your Own.url
2017-01-21 11:27 - 2017-01-21 11:27 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign6531afa32708845f
2017-01-21 11:27 - 2017-01-21 11:27 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign164a93acd2d5e15c
2017-01-20 22:38 - 2017-01-20 22:38 - 00000000 ____D C:\Users\Marek\AppData\LocalLow\REBORN
2017-01-20 22:35 - 2017-01-20 22:35 - 00001753 _____ C:\Users\Public\Desktop\Urban Empire.lnk
2017-01-20 22:35 - 2017-01-20 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Urban Empire [GOG.com]
2017-01-20 22:35 - 2017-01-20 22:35 - 00000000 ____D C:\ProgramData\GOG.com
2017-01-20 22:33 - 2017-01-20 22:33 - 00000000 ____D C:\GOG Games
2017-01-20 22:28 - 2017-01-20 22:29 - 00000000 ____D C:\Users\Marek\Downloads\urban_empire
2017-01-20 21:43 - 2017-01-20 21:43 - 09312969 _____ C:\Users\Marek\Downloads\Hiťo-rar.rar
2017-01-20 18:02 - 2017-01-26 23:28 - 00000000 ____D C:\Users\Marek\Desktop\strategicky
2017-01-20 10:31 - 2017-01-20 10:31 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign7decbeba739477b1
2017-01-20 10:31 - 2017-01-20 10:31 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign70df63ed6f10fe59
2017-01-20 10:31 - 2017-01-20 10:31 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign164501e0de27eddf
2017-01-20 10:17 - 2017-01-20 10:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-01-20 10:17 - 2017-01-20 10:17 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-01-19 01:59 - 2017-01-19 01:59 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign92e5e23ab7358fd5
2017-01-19 01:58 - 2017-01-19 01:58 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb10187dc22240c73
2017-01-19 01:58 - 2017-01-19 01:58 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign72c1d2da15fc308a
2017-01-17 22:16 - 2017-01-17 22:16 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign493f4e99a57ad9dd
2017-01-17 22:16 - 2017-01-17 22:16 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign3b548df0dea6f2b7
2017-01-17 22:16 - 2017-01-17 22:16 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign055b5cc94532ec1f
2017-01-17 05:54 - 2017-01-17 05:54 - 34717624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-01-17 05:53 - 2017-01-17 05:53 - 28209080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-01-17 05:53 - 2017-01-17 05:53 - 00951224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-01-17 05:53 - 2017-01-17 05:53 - 00904752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-01-17 05:53 - 2017-01-17 05:53 - 00448568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-01-17 05:53 - 2017-01-17 05:53 - 00397240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-01-17 05:52 - 2017-01-17 05:52 - 40134192 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-01-17 05:52 - 2017-01-17 05:52 - 02961336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-01-17 05:52 - 2017-01-17 05:52 - 02594744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-01-17 05:52 - 2017-01-17 05:52 - 01964600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437654.dll
2017-01-17 05:52 - 2017-01-17 05:52 - 01598392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437654.dll
2017-01-17 05:52 - 2017-01-17 05:52 - 00985136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-01-17 05:51 - 2017-01-17 05:51 - 35233328 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-01-17 05:51 - 2017-01-17 05:51 - 11017016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-01-17 05:51 - 2017-01-17 05:51 - 10907368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-01-17 05:51 - 2017-01-17 05:51 - 09000336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-01-17 05:51 - 2017-01-17 05:51 - 00818680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-01-17 05:51 - 2017-01-17 05:51 - 00698544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-01-17 05:51 - 2017-01-17 05:51 - 00407240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-01-17 05:51 - 2017-01-17 05:51 - 00339144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-01-17 05:50 - 2017-01-17 05:50 - 10453152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-01-17 05:50 - 2017-01-17 05:50 - 08847016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-01-17 05:50 - 2017-01-17 05:50 - 00658584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-01-16 22:06 - 2017-01-16 22:06 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign11e3737080ee23aa
2017-01-16 22:05 - 2017-01-16 22:05 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignd79ab260a024d1f6
2017-01-16 22:05 - 2017-01-16 22:05 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignae89269a2e7e15a7
2017-01-16 20:48 - 2017-01-16 20:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb4dba953c5bcf7e7
2017-01-16 20:46 - 2017-01-16 20:46 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigned79e897784a9a4b
2017-01-16 20:38 - 2017-01-16 20:38 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign04bd2bad28891480
2017-01-16 20:37 - 2017-01-16 20:37 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsigne5bdf2b75e9280ca
2017-01-16 20:37 - 2017-01-16 20:37 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign2b22f8aa1be3bdee
2017-01-16 20:37 - 2017-01-16 20:37 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign105554643fb789c9
2017-01-16 20:36 - 2017-01-16 20:36 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignd086856acfe4bd3f
2017-01-16 20:36 - 2017-01-16 20:36 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign65b3bae863156cb9
2017-01-16 19:48 - 2017-01-16 19:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb84cc6f5cd68ff65
2017-01-16 19:48 - 2017-01-16 19:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsignb4ac8d19c8fe1ffd
2017-01-16 19:48 - 2017-01-16 19:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Tempzxpsign3e1183fb3a04723f
2017-01-15 20:28 - 2017-01-15 20:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf
2017-01-15 19:19 - 2017-01-15 19:19 - 00520620 _____ C:\WINDOWS\Minidump\011517-5125-01.dmp
2017-01-13 17:43 - 2017-01-13 17:43 - 00178118 _____ C:\Users\Marek\Downloads\LM_hlavickoy7.pdf
2017-01-13 17:43 - 2017-01-13 17:43 - 00070523 _____ C:\Users\Marek\Downloads\LM_hlavickoy7.odt
2017-01-13 07:38 - 2017-01-13 07:38 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Apple Computer
2017-01-13 02:08 - 2017-01-13 02:19 - 00000060 _____ C:\Users\Marek\Desktop\Nový textový dokument (2).txt
2017-01-13 01:52 - 2017-01-13 01:52 - 00001330 _____ C:\Users\Marek\Documents\USA.m2t.sfl
2017-01-13 01:46 - 2017-01-13 01:52 - 651715536 _____ C:\Users\Marek\Documents\USA.m2t
2017-01-13 01:32 - 2017-01-13 01:32 - 02353018 _____ C:\Users\Marek\Documents\Track 9 - 1.wav
2017-01-13 01:32 - 2017-01-13 01:32 - 00009248 _____ C:\Users\Marek\Documents\Track 9 - 1.sfk
2017-01-13 01:31 - 2017-01-13 01:35 - 166533691 _____ C:\Users\Marek\Documents\USA.mp4
2017-01-13 01:29 - 2017-01-13 01:29 - 00038560 _____ C:\Users\Marek\Documents\WorkandTravel_Matej_Marek_2017.w64

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 16:58 - 2016-10-23 16:13 - 00000000 ____D C:\Users\Marek\AppData\Local\TimeDoctorLite
2017-02-12 16:33 - 2016-07-11 18:36 - 00000000 ____D C:\Users\Marek\Desktop\pics
2017-02-12 15:55 - 2016-07-11 17:08 - 00000000 ____D C:\Users\Marek\AppData\Local\CrashDumps
2017-02-12 15:55 - 2016-07-11 15:53 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-12 15:48 - 2016-09-16 21:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-12 14:04 - 2016-09-16 21:29 - 00000000 ____D C:\Users\Marek
2017-02-12 14:01 - 2016-07-11 21:39 - 00000033 _____ C:\Users\Marek\AppData\Roaming\AdobeWLCMCache.dat
2017-02-12 14:01 - 2016-07-11 13:59 - 02394282 _____ C:\WINDOWS\system32\perfh01B.dat
2017-02-12 14:01 - 2016-07-11 13:59 - 00722050 _____ C:\WINDOWS\system32\perfc01B.dat
2017-02-12 14:01 - 2016-07-11 12:53 - 05536682 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-12 14:00 - 2016-11-16 18:10 - 00109950 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-02-12 14:00 - 2016-09-16 21:29 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-12 13:56 - 2016-11-18 13:54 - 00000000 ____D C:\Users\Marek\AppData\LocalLow\Mozilla
2017-02-12 13:56 - 2016-10-16 09:43 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Slack
2017-02-12 13:56 - 2016-09-18 22:01 - 00000000 ____D C:\Users\Marek\AppData\Local\LogMeIn Hamachi
2017-02-12 13:55 - 2016-09-16 21:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-12 13:55 - 2016-09-16 21:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-12 13:55 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-12 13:55 - 2016-07-11 13:19 - 00000000 __SHD C:\Users\Marek\IntelGraphicsProfiles
2017-02-12 13:42 - 2016-08-24 01:48 - 00000000 ____D C:\Users\Marek\AppData\Local\Akamai
2017-02-12 03:04 - 2016-09-18 22:01 - 00000000 ____D C:\ProgramData\LogMeIn
2017-02-12 02:00 - 2016-07-11 18:08 - 00000000 ____D C:\Users\Marek\AppData\Local\Adobe
2017-02-11 22:14 - 2016-07-16 12:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-02-11 22:14 - 2016-07-16 12:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-02-11 22:14 - 2016-07-16 12:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-02-11 22:14 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-02-11 22:14 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-02-11 22:14 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-11 12:30 - 2016-07-22 12:21 - 00056931 _____ C:\Users\Marek\Desktop\hodiny.xlsx
2017-02-11 12:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 19:41 - 2016-07-12 01:48 - 00000000 ____D C:\Users\Marek\Desktop\export
2017-02-10 17:16 - 2016-09-16 21:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-10 17:16 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-10 10:52 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-10 10:48 - 2016-07-11 16:10 - 00000000 ____D C:\Users\Marek\AppData\Roaming\vlc
2017-02-09 10:08 - 2016-09-18 10:19 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-09 10:08 - 2015-10-13 07:29 - 00047296 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\lmimirr.dll
2017-02-09 10:08 - 2015-10-13 07:29 - 00026304 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\lmimirr2.dll
2017-02-09 10:08 - 2015-10-13 07:29 - 00023232 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMImirr.sys
2017-02-08 13:42 - 2016-09-25 13:05 - 00000000 ____D C:\Users\Marek\Desktop\Y-ROBOT
2017-02-07 08:24 - 2016-07-11 13:14 - 00002290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 08:24 - 2016-07-11 13:14 - 00002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-07 08:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-07 01:03 - 2016-07-21 10:49 - 00000000 ____D C:\Users\Marek\AppData\Roaming\The Creative Assembly
2017-02-06 23:33 - 2016-07-13 23:38 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-02-05 16:02 - 2016-11-18 04:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-05 16:02 - 2016-09-16 21:28 - 06792240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-05 16:02 - 2016-07-11 13:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-03 10:31 - 2016-07-11 13:13 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-01 23:52 - 2016-09-26 11:44 - 00000867 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-02-01 06:29 - 2016-07-11 14:04 - 00000000 ____D C:\ProgramData\Lenovo
2017-02-01 06:29 - 2016-07-11 14:03 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-01-30 16:24 - 2016-09-16 21:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2017-01-28 19:28 - 2016-07-11 12:51 - 00002373 _____ C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-28 19:28 - 2016-07-11 12:51 - 00000000 ___RD C:\Users\Marek\OneDrive
2017-01-28 17:11 - 2016-09-25 13:05 - 00000000 ____D C:\Users\Marek\Desktop\Dáta, informácie, znalosti
2017-01-25 17:29 - 2016-11-21 19:48 - 00000000 ____D C:\Users\Marek\Desktop\CKM
2017-01-24 18:22 - 2017-01-07 00:57 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-24 18:22 - 2017-01-07 00:57 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-01-24 18:22 - 2016-11-10 16:35 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-24 18:22 - 2016-11-10 16:35 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-24 18:22 - 2016-11-10 16:35 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-24 18:22 - 2016-11-10 16:35 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-24 18:22 - 2016-11-10 16:35 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-24 18:22 - 2016-11-10 16:35 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-01-24 18:22 - 2016-09-16 21:28 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-24 18:22 - 2016-07-11 13:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-23 23:21 - 2016-07-11 12:49 - 00000000 ____D C:\Users\Marek\AppData\Local\Packages
2017-01-23 21:06 - 2016-09-16 21:34 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-23 20:54 - 2017-01-07 00:57 - 00005831 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-01-22 18:18 - 2016-07-11 18:43 - 00001805 _____ C:\Users\Marek\Desktop\TEXT.txt
2017-01-22 01:59 - 2016-07-11 15:44 - 00000000 ____D C:\Users\Marek\AppData\Roaming\uTorrent
2017-01-22 01:03 - 2016-09-08 02:50 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 22:28 - 2016-12-31 02:24 - 00000000 ____D C:\Users\Marek\AppData\LocalLow\uTorrent
2017-01-20 10:17 - 2017-01-12 22:02 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-01-17 05:52 - 2017-01-07 00:59 - 01047096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-01-17 05:51 - 2016-12-05 21:27 - 09246824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-01-17 05:51 - 2016-12-05 21:27 - 00586784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-01-17 05:50 - 2016-07-21 21:57 - 03972960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-01-17 05:50 - 2016-07-21 21:57 - 03509152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-01-17 01:37 - 2016-07-21 21:57 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2017-01-14 02:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-13 02:00 - 2017-01-10 16:10 - 00000000 ____D C:\Users\Marek\Desktop\video
2017-01-13 01:29 - 2017-01-12 21:39 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Sony

==================== Files in the root of some directories =======

2016-07-11 21:39 - 2017-02-12 14:01 - 0000033 _____ () C:\Users\Marek\AppData\Roaming\AdobeWLCMCache.dat
2017-02-12 16:58 - 2017-02-12 16:58 - 0029696 _____ () C:\Users\Marek\AppData\Local\MSGBOX.EXE
2016-09-16 21:29 - 2016-09-16 21:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-07 00:57 - 2017-01-24 18:22 - 0006776 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-07 00:57 - 2017-01-23 20:54 - 0005831 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2016-12-05 21:29 - 2016-12-01 18:05 - 0860960 _____ (NVIDIA Corporation) C:\Users\Marek\AppData\Local\Temp\nvSCPAPI64.dll
2017-01-07 00:59 - 2016-12-01 18:04 - 0353336 _____ (NVIDIA Corporation) C:\Users\Marek\AppData\Local\Temp\nvStInst.exe
2016-11-10 16:35 - 2016-11-17 14:45 - 1135552 _____ (NVIDIA Corporation) C:\Users\Marek\AppData\Local\Temp\NvTelemetry.dll
2016-11-10 16:35 - 2016-12-13 00:36 - 0253376 _____ (NVIDIA Corporation) C:\Users\Marek\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-10 16:35 - 2016-12-13 00:36 - 0334272 _____ (NVIDIA Corporation) C:\Users\Marek\AppData\Local\Temp\NvTelemetryAPI64.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-04 21:38

==================== End of FRST.txt ============================
Attachments
Addition.rar
(18.91 KiB) Downloaded 153 times

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - suspicious behaviour

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
C:\Users\Marek\AppData\Local\Akamai
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {222e3009-5ce5-11e6-85f3-104a7d525e99} - "J:\setup.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {3759a9f3-9af4-11e6-8613-104a7d525e99} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {8539c752-4dd0-11e6-85ed-104a7d525e99} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {999cfe7b-477d-11e6-85e6-f0761cb998c0} - "F:\setup.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {a315ee39-7e4d-11e6-8603-104a7d525e99} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {b995d645-a544-11e6-8618-f0761cb998c0} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {e11688b8-76ba-11e6-85fe-104a7d525e99} - "D:\Setup.exe"
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
FF Extension: (Facebook Messenger Panel) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\fbmessengerpanel@alejandrobrizuela.com.ar.xpi [2016-07-11]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [No File]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl

EmptyTemp:
ResetHosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

IVIarkI2I
Exemplary visitor
Posts: 38
Registered: 20 Jul 2008 15:56

Re: Log check - suspicious behaviour

#9 Post by IVIarkI2I »

done

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2017
Ran by Marek (12-02-2017 18:59:31) Run:1
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Marek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
C:\Users\Marek\AppData\Local\Akamai
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {222e3009-5ce5-11e6-85f3-104a7d525e99} - "J:\setup.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {3759a9f3-9af4-11e6-8613-104a7d525e99} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {8539c752-4dd0-11e6-85ed-104a7d525e99} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {999cfe7b-477d-11e6-85e6-f0761cb998c0} - "F:\setup.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {a315ee39-7e4d-11e6-8603-104a7d525e99} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {b995d645-a544-11e6-8618-f0761cb998c0} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\...\MountPoints2: {e11688b8-76ba-11e6-85fe-104a7d525e99} - "D:\Setup.exe"
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
FF Extension: (Facebook Messenger Panel) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\fbmessengerpanel@alejandrobrizuela.com.ar.xpi [2016-07-11]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [No File]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl

EmptyTemp:
ResetHosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully

"C:\Users\Marek\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Marek\AppData\Local\Akamai" => Scheduled to move on reboot.

HKU\S-1-5-21-1502647843-958740988-4078077635-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{222e3009-5ce5-11e6-85f3-104a7d525e99} => key removed successfully
HKCR\CLSID\{222e3009-5ce5-11e6-85f3-104a7d525e99} => key not found.
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3759a9f3-9af4-11e6-8613-104a7d525e99} => key removed successfully
HKCR\CLSID\{3759a9f3-9af4-11e6-8613-104a7d525e99} => key not found.
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8539c752-4dd0-11e6-85ed-104a7d525e99} => key removed successfully
HKCR\CLSID\{8539c752-4dd0-11e6-85ed-104a7d525e99} => key not found.
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{999cfe7b-477d-11e6-85e6-f0761cb998c0} => key removed successfully
HKCR\CLSID\{999cfe7b-477d-11e6-85e6-f0761cb998c0} => key not found.
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a315ee39-7e4d-11e6-8603-104a7d525e99} => key removed successfully
HKCR\CLSID\{a315ee39-7e4d-11e6-8603-104a7d525e99} => key not found.
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b995d645-a544-11e6-8618-f0761cb998c0} => key removed successfully
HKCR\CLSID\{b995d645-a544-11e6-8618-f0761cb998c0} => key not found.
HKU\S-1-5-21-1502647843-958740988-4078077635-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e11688b8-76ba-11e6-85fe-104a7d525e99} => key removed successfully
HKCR\CLSID\{e11688b8-76ba-11e6-85fe-104a7d525e99} => key not found.
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe => not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\fbmessengerpanel@alejandrobrizuela.com.ar.xpi => moved successfully
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\q8g9x8yo.default\Extensions\fbmessengerpanel@alejandrobrizuela.com.ar.xpi => path removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Acrobat => key removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11640472 B
Java, Flash, Steam htmlcache => 124848785 B
Windows/system/drivers => 25577640 B
Edge => 402 B
Chrome => 177435262 B
Firefox => 403137005 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 38082 B
NetworkService => 9222 B
Marek => 381650688 B

RecycleBin => 298491113 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-02-2017 19:02:23)

C:\Users\Marek\AppData\Local\Akamai => Is moved successfully

==== End of Fixlog 19:02:23 ====


Re: Log check - suspicious behaviour

#10 Post by Rudy »

Deleted, the log is now OK.


Re: Log check - suspicious behaviour

#11 Post by IVIarkI2I »

Thanks for the help, there is a slight speed-up and Firefox also uses a few hundred MB less RAM, so hopefully it will last :thumbsup:


Re: Log check - suspicious behaviour

#12 Post by Rudy »

Glad to hear it. You're welcome! :)

Locked