Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka... zasekávání a zpomalení

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
JoskaT
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 02 pro 2017 15:01

Preventivka... zasekávání a zpomalení

#1 Příspěvek od JoskaT »

Dobrý den, prosím o kontrolu... pomalu načítá některé webové stránky.. ve hrách se zasekává i když by neměl i při více jak 100fps

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pepa at 2017-12-03 10:01:58
Microsoft Windows 10 Pro
System drive C: has 139 GB (57%) free of 244 GB
Total RAM: 8147 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:59, on 3.12.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\Pepa\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Users\Pepa\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Games\World_of_Tanks\WargamingGameUpdater.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Pepa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445?gp=811013
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll
O2 - BHO: Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll
O3 - Toolbar: Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Pepa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Pepa\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [XperiaCompanionAgent] C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
O4 - HKCU\..\Run: [XperiaCompanion] "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Pepa\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Pepa\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\WINDOWS\system32\srvany.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

--
End of file - 12183 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s CscService
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe"
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe" --
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe"
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks

"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
dashost.exe {941cf7a5-c70d-4a1e-bddf05d2e8f445f1}
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s

c:\windows\system32\svchost.exe -k netsvcs -s NetSetupSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -s Browser
"c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe" -netmsmqactivator
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s HomeGroupListener
c:\windows\system32\svchost.exe -k localservicepeernet -s p2pimsvc
c:\windows\system32\svchost.exe -k localservicepeernet -s PNRPsvc
c:\windows\system32\svchost.exe -k localservicepeernet -s p2psvc
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\WINDOWS\system32\AUDIODG.EXE 0x4a4
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s upnphost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Users\Pepa\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe"
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe" -Embedding
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
szndesktop.exe default start
"C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
"C:\Users\Pepa\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --primordial-pipe-token=3A0B998B5D2BC08B1135EE2034293547 --lang=en-US --lang=en-US --log-file="C:\Users\Pepa\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3A0B998B5D2BC08B1135EE2034293547 --renderer-client-id=2 --mojo-platform-channel-handle=1880 /prefetch:1
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files (x86)\Opera\49.0.2725.47\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=5748
"C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe" --type=gpu-process --field-trial-handle=1568,5993603822357259976,11053953978603667523,131072 --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-download-sfx-package=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11248 --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8813 --gpu-driver-date=10-27-2017 --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-download-sfx-package=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11248 --service-request-channel-token=5A8DA37FBD118A9C3518B430EBB7668C --mojo-platform-channel-handle=1600 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe" --type=renderer --field-trial-handle=1568,5993603822357259976,11053953978603667523,131072 --service-pipe-token=06EE672DFE7CCDFA8880BB8E91326E04 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-download-sfx-package=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11248 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=06EE672DFE7CCDFA8880BB8E91326E04 --renderer-client-id=3 --mojo-platform-channel-handle=2572 /prefetch:1
"C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe" --type=renderer --field-trial-handle=1568,5993603822357259976,11053953978603667523,131072 --service-pipe-token=F5427158ED61DD7C7B1A3FD671C19C74 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-download-sfx-package=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11248 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=F5427158ED61DD7C7B1A3FD671C19C74 --renderer-client-id=5 --mojo-platform-channel-handle=2784 /prefetch:1
"C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe" --type=renderer --field-trial-handle=1568,5993603822357259976,11053953978603667523,131072 --service-pipe-token=F9C8B5405B5971D81508BC92C6D268EC --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-download-sfx-package=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11248 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=F9C8B5405B5971D81508BC92C6D268EC --renderer-client-id=6 --mojo-platform-channel-handle=2804 /prefetch:1
"C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe" --type=renderer --field-trial-handle=1568,5993603822357259976,11053953978603667523,131072 --service-pipe-token=F7F0564A94AD4CA184AE546D4D1697F5 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-download-sfx-package=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11248 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=F7F0564A94AD4CA184AE546D4D1697F5 --renderer-client-id=8 --mojo-platform-channel-handle=4804 /prefetch:1
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
"C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe" --type=renderer --field-trial-handle=1568,5993603822357259976,11053953978603667523,131072 --service-pipe-token=8F47A1D5219E6B7A1B65ACCAE05B4BC9 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-download-sfx-package=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11248 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=8F47A1D5219E6B7A1B65ACCAE05B4BC9 --renderer-client-id=11 --mojo-platform-channel-handle=2820 /prefetch:1
"C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe" --type=renderer --field-trial-handle=1568,5993603822357259976,11053953978603667523,131072 --service-pipe-token=744B718149168C6A6388A3CB97762624 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-download-sfx-package=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11248 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=744B718149168C6A6388A3CB97762624 --renderer-client-id=14 --mojo-platform-channel-handle=3904 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 688 692 700 8192 696
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Downloads\scoped_dir5748_14406\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost

=========Mozilla firefox=========

ProfilePath - C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://go.mail.ru/distib/ep/?product_id ... &gp=811014"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-22 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Panda Safe Web - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2016-07-27 131064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-22 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-22 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Panda Safe Web - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2016-07-27 115192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-22 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Safe Web - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2016-07-27 131064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Safe Web - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2016-07-27 115192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-09-19 1923008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Pepa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-11-08 1685704]
"BingSvc"=C:\Users\Pepa\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2016-01-22 144008]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-04-04 4289728]
"XperiaCompanionAgent"=C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2016-04-11 2033536]
"XperiaCompanion"=C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2016-04-11 2033536]
"cz.seznam.software.autoupdate"=C:\Users\Pepa\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Pepa\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2017-02-28 3135752]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-11-03 27226072]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-10-31 3102496]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-02-08 9363672]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-06-28 75048]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2017-06-29 5885352]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2016-08-05 109824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-12-02 15:05:09 ----D---- C:\rsit
2017-12-02 15:05:09 ----D---- C:\Program Files\trend micro
2017-12-02 14:41:32 ----A---- C:\WINDOWS\system32\drivers\PSKMAD.sys
2017-12-02 14:41:14 ----A---- C:\WINDOWS\system32\drivers\PSINReg.sys
2017-12-02 14:41:14 ----A---- C:\WINDOWS\system32\drivers\PSINProt.sys
2017-12-02 14:41:14 ----A---- C:\WINDOWS\system32\drivers\PSINAflt.sys
2017-12-02 14:41:11 ----A---- C:\WINDOWS\system32\drivers\PSINProc.sys
2017-12-02 14:41:11 ----A---- C:\WINDOWS\system32\drivers\PSINFile.sys
2017-12-02 14:41:10 ----A---- C:\WINDOWS\system32\drivers\PSINKNC.sys
2017-12-01 15:27:18 ----AD---- C:\Program Files (x86)\Epic Games
2017-11-18 15:37:16 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2017-11-18 15:37:14 ----D---- C:\Program Files (x86)\VulkanRT
2017-11-18 15:37:14 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2017-11-18 15:37:14 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2017-11-18 15:37:14 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2017-11-18 15:37:14 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2017-11-18 15:36:30 ----D---- C:\WINDOWS\LastGood.Tmp
2017-11-17 14:44:29 ----AD---- C:\Program Files (x86)\LogMeIn Hamachi
2017-11-16 16:01:33 ----D---- C:\Spidla
2017-11-16 15:59:40 ----D---- C:\Program Files (x86)\Emilka Holubová - Montezumův poklad
2017-11-15 07:41:17 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-11-15 07:41:17 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2017-11-15 07:41:16 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-11-15 07:41:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-15 07:41:15 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-11-15 07:41:15 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-11-15 07:41:15 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-11-15 07:41:14 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-11-15 07:41:14 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-11-15 07:41:14 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-11-15 07:41:14 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-11-15 07:41:14 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-11-15 07:41:14 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-11-15 07:41:13 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-11-15 07:41:13 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-11-15 07:41:13 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-11-15 07:41:13 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-11-15 07:41:13 ----A---- C:\WINDOWS\system32\tquery.dll
2017-11-15 07:41:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-11-15 07:41:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-11-15 07:41:12 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-11-15 07:41:12 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-11-15 07:41:12 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\CertPKICmdlet.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-11-15 07:41:11 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2017-11-15 07:41:10 ----A---- C:\WINDOWS\system32\utcutil.dll
2017-11-15 07:41:10 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-11-15 07:41:10 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-11-15 07:41:10 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-11-15 07:41:09 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-11-15 07:41:08 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2017-11-15 07:41:08 ----A---- C:\WINDOWS\system32\wpdshext.dll
2017-11-15 07:41:08 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-15 07:41:08 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-11-15 07:41:07 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-11-15 07:41:07 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-15 07:41:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-11-15 07:41:06 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-11-15 07:41:06 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-11-15 07:41:05 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-11-15 07:41:05 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-11-15 07:41:05 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-11-15 07:41:05 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-11-15 07:41:05 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-11-15 07:41:05 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-11-15 07:41:04 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-11-15 07:41:04 ----A---- C:\WINDOWS\system32\jscript.dll
2017-11-15 07:41:04 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 07:41:04 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-11-15 07:41:03 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 07:41:03 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-11-15 07:41:03 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-11-15 07:41:03 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-11-15 07:41:02 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-11-15 07:41:02 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-11-15 07:41:01 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-11-15 07:41:01 ----A---- C:\WINDOWS\system32\SEMgrPS.dll
2017-11-15 07:41:00 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2017-11-15 07:41:00 ----A---- C:\WINDOWS\system32\wmp.dll
2017-11-15 07:40:59 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-11-15 07:40:59 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-11-15 07:40:59 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-11-15 07:40:59 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-11-15 07:40:59 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-11-15 07:40:59 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-11-15 07:40:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-11-15 07:40:59 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\wer.dll
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-11-15 07:40:58 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-15 07:40:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 07:40:57 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-11-15 07:40:57 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-15 07:40:56 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-11-15 07:40:55 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-15 07:40:55 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-15 07:40:54 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-15 07:40:54 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-11-15 07:40:54 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-11-15 07:40:54 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-15 07:40:54 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-11-15 07:40:53 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-11-15 07:40:53 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-15 07:40:53 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-11-15 07:40:52 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\wininet.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\usocore.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\msIso.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-15 07:40:52 ----A---- C:\WINDOWS\system32\aitstatic.exe
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-15 07:40:51 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\werui.dll
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\ci.dll
2017-11-15 07:40:50 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-15 07:40:49 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-11-15 07:40:49 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-11-15 07:40:49 ----A---- C:\WINDOWS\system32\user32.dll
2017-11-15 07:40:49 ----A---- C:\WINDOWS\system32\shell32.dll
2017-11-15 07:40:49 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-11-15 07:40:49 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-11-15 07:40:48 ----A---- C:\WINDOWS\system32\wups.dll
2017-11-15 07:40:48 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\invagent.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\devinv.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\dcntel.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\aepic.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-11-15 07:40:47 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-11-15 07:40:46 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-15 07:40:46 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-15 07:40:46 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-11-15 07:40:46 ----A---- C:\WINDOWS\system32\pcasvc.dll
2017-11-15 07:40:46 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-11-15 07:40:46 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\wow64win.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\ubpm.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\schedsvc.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\RMapi.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\drivers\Diskdump.sys
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-11-15 07:40:45 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-11-15 07:40:44 ----A---- C:\WINDOWS\system32\tzres.dll
2017-11-15 07:40:44 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-15 07:40:44 ----A---- C:\WINDOWS\system32\drivers\luafv.sys
2017-11-15 07:40:44 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2017-11-15 07:40:44 ----A---- C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-15 07:40:44 ----A---- C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-15 07:40:44 ----A---- C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-14 18:44:08 ----D---- C:\Users\Pepa\AppData\Roaming\ERS G-Studio
2017-11-14 18:43:35 ----AD---- C:\Program Files (x86)\Sara Maribu a ztraceny svet
2017-11-14 18:38:52 ----D---- C:\Users\Pepa\AppData\Roaming\Špidla Data Processing, s.r.o
2017-11-14 18:38:52 ----D---- C:\ProgramData\Špidla Data Processing, s.r.o
2017-11-14 18:38:45 ----AD---- C:\Program Files (x86)\Poklady starověké sluje
2017-11-09 04:40:56 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2017-11-09 04:40:48 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2017-11-09 04:40:00 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2017-11-09 04:39:56 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2017-11-09 04:39:52 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2017-11-09 04:39:48 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2017-11-09 04:39:04 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2017-11-09 04:38:30 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2017-11-09 04:38:26 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2017-11-09 04:38:16 ----A---- C:\WINDOWS\system32\nvdispgenco6438813.dll
2017-11-09 04:38:16 ----A---- C:\WINDOWS\system32\nvdispco6438813.dll
2017-11-09 04:38:08 ----A---- C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-11-09 04:38:02 ----A---- C:\WINDOWS\SYSWOW64\nvDecMFTMjpeg.dll
2017-11-09 04:37:48 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2017-11-09 04:37:44 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2017-11-09 04:37:32 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2017-11-09 04:37:26 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2017-11-09 04:30:56 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-11-09 04:30:54 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2017-11-09 04:30:48 ----A---- C:\WINDOWS\system32\nvopencl.dll
2017-11-09 04:30:44 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2017-11-09 04:26:12 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-11-09 04:26:08 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2017-11-09 04:26:02 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-11-09 04:25:58 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2017-11-09 04:25:50 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2017-11-09 04:25:48 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2017-11-09 04:25:28 ----A---- C:\WINDOWS\system32\nvcuda.dll
2017-11-09 04:25:26 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll

======List of files/folders modified in the last 1 month======

2017-12-03 09:58:03 ----D---- C:\WINDOWS\Temp
2017-12-03 09:44:00 ----D---- C:\WINDOWS\system32\sru
2017-12-03 08:48:54 ----D---- C:\Users\Pepa\AppData\Roaming\Seznam.cz
2017-12-03 08:48:45 ----HD---- C:\Program Files\WindowsApps
2017-12-03 08:48:44 ----D---- C:\WINDOWS\AppReadiness
2017-12-03 08:43:17 ----D---- C:\ProgramData\NVIDIA
2017-12-03 08:43:14 ----D---- C:\ProgramData\panda_url_filtering
2017-12-02 23:03:27 ----D---- C:\WINDOWS\system32\SleepStudy
2017-12-02 21:37:10 ----D---- C:\WINDOWS\Prefetch
2017-12-02 21:30:54 ----D---- C:\WINDOWS\System32
2017-12-02 21:30:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-02 21:27:09 ----AD---- C:\Program Files (x86)\Hi-Rez Studios
2017-12-02 21:25:00 ----D---- C:\WINDOWS\system32\drivers
2017-12-02 21:21:57 ----D---- C:\WINDOWS\system32\catroot2
2017-12-02 21:21:57 ----D---- C:\WINDOWS\system32\CatRoot
2017-12-02 21:21:55 ----D---- C:\Program Files (x86)\Steam
2017-12-02 15:24:41 ----D---- C:\Windows
2017-12-02 15:05:09 ----RD---- C:\Program Files
2017-12-02 14:54:03 ----D---- C:\Users\Pepa\AppData\Roaming\uTorrent
2017-12-02 14:51:23 ----D---- C:\WINDOWS\INF
2017-12-02 14:51:22 ----D---- C:\WINDOWS\Logs
2017-12-02 14:51:22 ----D---- C:\WINDOWS\debug
2017-12-02 14:41:55 ----SHD---- C:\WINDOWS\Installer
2017-12-02 14:41:54 ----D---- C:\WINDOWS\system32\DriverStore
2017-12-02 14:41:39 ----D---- C:\WINDOWS\system32\Tasks
2017-12-02 14:41:35 ----D---- C:\ProgramData\Panda Security
2017-12-02 14:41:35 ----D---- C:\Program Files (x86)\Panda Security
2017-12-02 14:41:17 ----D---- C:\Users\Pepa\AppData\Roaming\Panda Security
2017-12-02 14:41:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2017-12-02 14:41:07 ----RSD---- C:\WINDOWS\Fonts
2017-12-02 12:02:06 ----D---- C:\Users\Pepa\AppData\Roaming\.minecraft
2017-12-02 10:46:22 ----RD---- C:\WINDOWS\Microsoft.NET
2017-12-01 16:18:19 ----D---- C:\Program Files (x86)\Common Files
2017-12-01 15:27:30 ----SHD---- C:\System Volume Information
2017-12-01 15:27:18 ----RD---- C:\Program Files (x86)
2017-11-29 16:06:24 ----D---- C:\WINDOWS\system32\MRT
2017-11-29 16:03:43 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-29 16:03:39 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-11-24 15:29:12 ----D---- C:\WINDOWS\SysWOW64
2017-11-24 15:29:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-24 14:42:49 ----AD---- C:\Program Files (x86)\Opera
2017-11-22 16:12:08 ----D---- C:\WINDOWS\system32\config
2017-11-21 15:00:31 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-11-18 15:37:36 ----D---- C:\ProgramData\NVIDIA Corporation
2017-11-18 15:36:30 ----D---- C:\Program Files\NVIDIA Corporation
2017-11-18 15:36:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-11-18 11:58:34 ----D---- C:\Users\Pepa\AppData\Roaming\Mozilla
2017-11-18 11:58:32 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-11-17 15:21:02 ----D---- C:\Users\Pepa\AppData\Roaming\EasyAntiCheat
2017-11-16 19:03:00 ----RSD---- C:\WINDOWS\assembly
2017-11-16 16:03:05 ----AHD---- C:\ProgramData
2017-11-16 09:05:07 ----D---- C:\WINDOWS\WinSxS
2017-11-16 09:02:37 ----D---- C:\WINDOWS\rescache
2017-11-15 17:34:07 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-11-15 17:34:07 ----D---- C:\WINDOWS\system32\wbem
2017-11-15 17:34:07 ----D---- C:\WINDOWS\system32\cs-CZ
2017-11-15 17:34:07 ----D---- C:\WINDOWS\system32\appraiser
2017-11-15 17:34:07 ----D---- C:\WINDOWS\ShellExperiences
2017-11-15 17:34:07 ----D---- C:\WINDOWS\Provisioning
2017-11-15 17:34:07 ----D---- C:\WINDOWS\AppPatch
2017-11-15 17:34:07 ----D---- C:\Program Files\Windows Photo Viewer
2017-11-15 17:34:07 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 07:43:44 ----D---- C:\WINDOWS\CbsTemp
2017-11-14 18:37:31 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-11-14 18:37:31 ----D---- C:\WINDOWS\system32\Macromed
2017-11-09 04:38:58 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-11-09 04:25:22 ----A---- C:\WINDOWS\system32\nvapi64.dll
2017-11-09 04:25:16 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2017-11-05 02:40:50 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 NNSALPC;NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [2015-12-10 103856]
R1 NNSHTTP;NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [2015-12-10 210864]
R1 NNSHTTPS;NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [2015-12-10 120240]
R1 NNSIDS;NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [2015-12-10 120240]
R1 NNSNAHSL;@oem112.inf,%NNSNAHSL_Desc%;Network Activity Hook Server LightWeight Filter Driver; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [2015-06-19 58616]
R1 NNSPICC;NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [2015-12-10 112560]
R1 NNSPIHSW;NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [2016-03-17 82864]
R1 NNSPOP3;NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [2015-12-10 133552]
R1 NNSPROT;NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [2015-12-10 309680]
R1 NNSPRV;NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [2016-02-18 179632]
R1 NNSSMTP;NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [2015-12-10 122800]
R1 NNSSTRM;NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [2016-02-18 267184]
R1 NNSTLSC;NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [2015-12-10 115632]
R1 PSINKNC;PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [2016-08-09 207272]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 PSINAflt;PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [2016-08-09 174000]
R2 PSINFile;PSINFile; C:\WINDOWS\system32\DRIVERS\PSINFile.sys [2016-08-09 129456]
R2 PSINProc;PSINProc; C:\WINDOWS\system32\DRIVERS\PSINProc.sys [2016-08-09 133544]
R2 PSINProt;PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [2016-08-09 146864]
R2 PSINReg;PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [2016-08-09 117168]
R3 dtlitescsibus;@oem43.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-03-16 30264]
R3 dtliteusbbus;@oem60.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-03-16 47672]
R3 Hamachi;@oem54.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\System32\drivers\Hamdrv.sys [2016-04-05 45680]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 MEIx64;@oem77.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2017-04-17 177664]
R3 NVHDA;@oem84.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2017-11-09 233904]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [2017-11-09 16936048]
R3 nvvad_WaveExtensible;@oem96.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-07-26 48064]
R3 nvvhci;@oem11.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-09-19 57792]
R3 panda_url_filteringd;panda_url_filteringd driver; \??\C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [2014-03-19 51288]
R3 PSKMAD;PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [2016-08-10 72112]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-03-18 604160]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2017-04-14 303616]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2017-04-14 35328]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 AndnetBus;@oem57.inf,%LGSI.Service.Desc%;LGE Mobile USB Composite Device; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [2015-01-21 20992]
S3 AndNetDiag;@oem49.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [2015-01-26 30720]
S3 ANDNetModem;@oem24.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [2015-01-26 37376]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-03-20 127904]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-03-20 161696]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-03-20 143776]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dg_ssudbus;@oem99.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-06-20 110336]
S3 DroidCam;@oem31.inf,%DroidCam.SvcDesc%;DroidCam Virtual Audio; C:\WINDOWS\system32\DRIVERS\droidcam.sys [2015-05-24 33592]
S3 DroidCamVideo;@oem5.inf,%DroidCamVideo.DeviceDesc%;DroidCam Source 3; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [2015-05-24 230712]
S3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [2016-03-16 30264]
S3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [2016-03-16 47672]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-10-13 22704]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 27008]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 65408]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-03-20 230816]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-09-19 30144]
S3 phantomtap;@oem98.inf,%DeviceDescription%;Phantom TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\phantomtap.sys [2017-07-13 45056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_391a60a;Uživatelská služba platformy připojených zařízení_391a60a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2017-06-29 3418024]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-09-20 9728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-05-27 419248]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2017-04-17 26112]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2016-08-05 153096]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-27 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-09-19 449984]
R2 OneSyncSvc_391a60a;Hostitel synchronizace_391a60a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 panda_url_filtering;panda_url_filtering Service; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2015-11-06 287752]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2016-07-19 86104]
R2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2017-04-26 47096]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-04 1443520]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_391a60a;Data kontaktů_391a60a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27 154440]
S2 KMService;KMService; C:\WINDOWS\syswow64\srvany.exe [2016-01-18 8192]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-18 52920]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-12-01 6971400]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2017-03-03 67224]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_391a60a;Tok zařízení_391a60a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2016-12-28 395536]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_391a60a;Služba zasílání zpráv_391a60a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-18 194000]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\syswow64\GameMon.des [2016-01-17 3780544]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19 512960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-03-20 3913064]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2017-09-30 849816]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka... zasekávání a zpomalení

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JoskaT
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 02 pro 2017 15:01

Re: Preventivka... zasekávání a zpomalení

#3 Příspěvek od JoskaT »

# AdwCleaner 7.0.5.0 - Logfile created on Fri Dec 08 16:06:11 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: panda_url_filtering


***** [ Folders ] *****

Deleted: C:\Program Files (x86)\pandasecuritytb
Deleted: C:\Users\Pepa\AppData\LocalLow\pandasecuritytb
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Users\Pepa\AppData\Local\Поиcк в Интeрнете
Deleted: C:\Program Files (x86)\Enigma Software Group
Deleted: C:\ProgramData\Mail.Ru
Deleted: C:\Users\All Users\Mail.Ru
Deleted: C:\Users\Pepa\AppData\Local\Mail.Ru
Deleted: C:\Program Files\Panda Security URL Filtering
Deleted: C:\Users\Pepa\AppData\Roaming\DriverAgentPlus
Deleted: C:\Users\Pepa\AppData\Roaming\DriverAgentPlus
Deleted: C:\Users\Pepa\AppData\Local\FileSystemDriver


***** [ Files ] *****

Deleted: C:\END
Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
Deleted: C:\Users\Pepa\Favorites\Mail.Ru.url
Deleted: C:\Users\Pepa\Favorites\Mail.Ru Агент - используй для общения!.url
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
Deleted: C:\Users\Pepa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
Deleted: C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\pandasecuritytb\geodata.xml
Deleted: C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\pandasecuritytb\guid.dat
Deleted: C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\pandasecuritytb\setupCfg.xml


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Cleaned: C:\Users\Pepa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk[url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=811008"]
Cleaned: C:\Users\Pepa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk[url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=811008"]


***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [http:\\mail.ru\cnt\10445?gp=811013]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [http:\\mail.ru\cnt\10445?gp=811013]
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{39EE8082-EC53-4791-8675-5CFBC7860C85}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{39EE8082-EC53-4791-8675-5CFBC7860C85}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B5C4182D-50CB-491C-97B3-11A2FD704A84}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B5C4182D-50CB-491C-97B3-11A2FD704A84}
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\amigo.exe
Deleted: [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
Deleted: [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
Deleted: [Key] - HKLM\SOFTWARE\Mail.Ru
Deleted: [Key] - HKU\.DEFAULT\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-18\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}


***** [ Firefox (and derivatives) ] *****

Plugin deleted: __MSG_extName__ -


***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [5547 B] - [2017/12/8 16:4:39]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka... zasekávání a zpomalení

#4 Příspěvek od Rudy »

Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JoskaT
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 02 pro 2017 15:01

Re: Preventivka... zasekávání a zpomalení

#5 Příspěvek od JoskaT »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-12-2017
Ran by Pepa (administrator) on PEPA (08-12-2017 20:58:24)
Running from C:\Users\Pepa\Desktop
Loaded Profiles: Pepa (Available Profiles: Pepa & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 15063.726 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(© 2015 Microsoft Corporation) C:\Users\Pepa\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Users\Pepa\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
() C:\Users\Pepa\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Pepa\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-06-28] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [109824 2016-08-05] (Panda Security, S.L.)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [BingSvc] => C:\Users\Pepa\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-01-22] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2033536 2016-04-11] (Sony)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [XperiaCompanion] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2033536 2016-04-11] (Sony)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Pepa\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Pepa\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-03] (Skype Technologies S.A.)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\MountPoints2: {3457ad24-3c79-11e7-a60f-d8cb8ac805fa} - "F:\Startme.exe"
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fdb631cf-afe9-476e-94e3-d753da14d533}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B52C2E70B-1AF3-4D9D-81E5-6A5C5E56BA3C%7D&gp=811014
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {2AD5F746-3220-4095-A1EA-299B809FA65F} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {4EBE90B6-635F-4A10-B7A1-71059D4C2C6C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {4FF66E2B-D9EB-43F6-AD62-1FD269746D8A} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={71713670-902B-4E44-AF7B-72223214FD79}&mid=befbaabff3ed47cc87ff0982cc2cec09-22a31b7e13f9b2fe8299179e6da13fe5d92a7949&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516avz&pr=fr&d=2016-04-26 06:35:03&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {A3356398-74DE-44CD-A9AC-E66A6CAF93A0} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {BADD0B71-3460-48AB-ADC4-963EA00F58AC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {C013B396-599C-45AF-8E91-266BD5167760} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {CE692FAC-9CA2-4490-AA3D-1DDEAD56AE3D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {EB117631-D3B6-4569-87FB-E4C2E8B2113E} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {FEC73C9D-22C5-47AA-AD19-7025391ACF21} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B52C2E70B-1AF3-4D9D-81E5-6A5C5E56BA3C%7D&gp=811014
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-22] (Oracle Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-22] (Oracle Corporation)
BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-22] (Oracle Corporation)
Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File

FireFox:
========
FF DefaultProfile: rx06cwsv.default
FF ProfilePath: C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default [2017-12-08]
FF Homepage: Mozilla\Firefox\Profiles\rx06cwsv.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\rx06cwsv.default -> about:home
FF Extension: (Avira Browser Safety) - C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\Extensions\abs@avira.com.xpi [2017-12-05]
FF Extension: (Bing Search) - C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-01-22] [Lagacy]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-28]
FF Extension: (Adblock Plus) - C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-12-05]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\features\{37873dfb-1717-448c-9123-f4967000cb48}\disable-media-wmf-nv12@mozilla.org.xpi [2017-12-06] [Lagacy]
FF Extension: (No Name) - C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\rx06cwsv.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-22] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
FF Plugin HKU\S-1-5-21-3813167602-1507074412-1510675809-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pepa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default [2017-12-08]
CHR Profile: C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-02]
CHR Profile: C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-12-03]
CHR Extension: (No Name) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-02]
CHR Extension: (Disk Google) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-02]
CHR Extension: (YouTube) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-02]
CHR Extension: (Panda Safe Web) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fagakgcelolinfnkfgekcnedpaklfcok [2017-10-25]
CHR Extension: (No Name) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (No Name) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fnakppaljlplipddalicdemlhlanffdf [2017-11-25]
CHR Extension: (No Name) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-14]
CHR Extension: (No Name) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-06-09]
CHR Extension: (Bakaláři - přihlášení) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jdcbaedekbnalbhadpboggcpfppokaid [2017-10-06]
CHR Extension: (No Name) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lgfehfbnofiffladdncogfobimealokp [2017-11-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-02]
CHR Extension: (Chrome Media Router) - C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-18]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Pepa\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Pepa\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-10-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-01] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395536 2016-12-28] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-20] (Hi-Rez Studios) [File not signed]
S2 KMService; C:\WINDOWS\SysWOW64\srvany.exe [8192 2016-01-18] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [153096 2016-08-05] (Panda Security, S.L.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3780544 2016-01-17] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [47096 2017-04-26] (Panda Security, S.L.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
S2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [303616 2017-04-14] () [File not signed]
S3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2015-05-24] (Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2015-05-24] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-16] (Disc Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2016-03-16] (Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2016-03-16] (Disc Soft Ltd)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
S2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [35328 2017-04-14] () [File not signed]
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103856 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [210864 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112560 2015-12-10] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [82864 2016-03-17] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133552 2015-12-10] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309680 2015-12-10] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179632 2016-02-18] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122800 2015-12-10] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267184 2016-02-18] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115632 2015-12-10] (Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-09-19] (NVIDIA Corporation)
S3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-07-13] (The OpenVPN Project)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [174000 2016-08-09] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [129456 2016-08-09] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207272 2016-08-09] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133544 2016-08-09] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146864 2016-08-09] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117168 2016-08-09] (Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72112 2016-08-10] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-09-23] (Wellbia.com Co., Ltd.)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-06-28] (CyberLink Corp.)
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-08 20:58 - 2017-12-08 20:58 - 000028627 _____ C:\Users\Pepa\Desktop\FRST.txt
2017-12-08 20:57 - 2017-12-08 20:58 - 000000000 ____D C:\FRST
2017-12-08 20:57 - 2017-12-08 20:57 - 000029696 _____ C:\Users\Pepa\AppData\Local\MSGBOX.EXE
2017-12-08 20:57 - 2017-12-08 20:57 - 000015327 _____ C:\Users\Pepa\Desktop\LM.bat
2017-12-08 20:56 - 2017-12-08 20:55 - 000112640 _____ (forum.viry.cz) C:\Users\Pepa\Desktop\FRSTLauncher.exe
2017-12-08 20:54 - 2017-12-08 20:54 - 002390528 _____ (Farbar) C:\Users\Pepa\Desktop\FRST64.exe
2017-12-08 17:02 - 2017-12-08 17:06 - 000000000 ____D C:\AdwCleaner
2017-12-07 12:13 - 2017-12-07 12:13 - 000001359 _____ C:\Users\Public\Desktop\Loutkové divadlo - Nevinné duše.lnk
2017-12-07 12:13 - 2017-12-07 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loutkové divadlo - Nevinné duše
2017-12-07 12:12 - 2017-12-07 12:13 - 000000000 ____D C:\Program Files (x86)\Loutkove divadlo - Nevinne duse
2017-12-06 18:48 - 2017-12-07 12:13 - 000002159 _____ C:\Users\Public\Desktop\České pohádky zdarma ke stažení.lnk
2017-12-06 18:48 - 2017-12-07 12:13 - 000002127 _____ C:\Users\Public\Desktop\Hry zdarma ke stažení.lnk
2017-12-06 18:48 - 2017-12-06 18:48 - 000001419 _____ C:\Users\Public\Desktop\Loutkové divadlo - Záhada Štěstíkova.lnk
2017-12-06 18:48 - 2017-12-06 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loutkové divadlo - Záhada Štěstíkova
2017-12-06 18:48 - 2017-12-06 18:48 - 000000000 ____D C:\Program Files (x86)\Loutkove divadlo - Zahada Stestikova
2017-12-03 17:08 - 2017-12-03 17:08 - 000000317 _____ C:\Users\Public\Desktop\Mafia.lnk
2017-12-03 17:08 - 2017-12-03 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2017-12-03 16:53 - 2002-08-29 18:33 - 000319488 ____R () C:\WINDOWS\SysWOW64\MafiaSetup.exe
2017-12-03 13:00 - 2017-12-03 13:01 - 000000000 ____D C:\Program Files\Mafia
2017-12-03 13:00 - 2002-08-29 18:33 - 000319488 ____N () C:\Users\Pepa\AppData\Roaming\MafiaSetup.exe
2017-12-02 17:24 - 2017-12-02 17:24 - 000000000 ____D C:\Users\Pepa\AppData\Local\BFH_Test_Launcher
2017-12-02 15:05 - 2017-12-03 10:01 - 000000000 ____D C:\Program Files\trend micro
2017-12-02 15:05 - 2017-12-02 15:05 - 000000000 ____D C:\rsit
2017-12-02 14:56 - 2017-12-02 14:56 - 000000751 _____ C:\Users\Pepa\Desktop\KEJKRT hudba – zástupce.lnk
2017-12-02 14:56 - 2017-12-02 14:56 - 000000723 _____ C:\Users\Pepa\Desktop\Juta2017 – zástupce.lnk
2017-12-02 14:41 - 2017-12-02 14:41 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Global Protection.lnk
2017-12-02 14:41 - 2017-12-02 14:41 - 000002269 _____ C:\Users\Public\Desktop\Panda Global Protection.lnk
2017-12-02 14:41 - 2017-12-02 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Global Protection
2017-12-02 14:41 - 2016-08-10 03:10 - 000072112 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2017-12-02 14:41 - 2016-08-09 21:17 - 000207272 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2017-12-02 14:41 - 2016-08-09 21:17 - 000174000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2017-12-02 14:41 - 2016-08-09 21:17 - 000146864 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2017-12-02 14:41 - 2016-08-09 21:17 - 000133544 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProc.sys
2017-12-02 14:41 - 2016-08-09 21:17 - 000129456 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINFile.sys
2017-12-02 14:41 - 2016-08-09 21:17 - 000117168 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2017-12-01 16:18 - 2017-12-01 16:18 - 000000000 ____D C:\Users\Pepa\AppData\Local\FortniteGame
2017-12-01 15:27 - 2017-12-01 15:27 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2017-12-01 15:27 - 2017-12-01 15:27 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2017-12-01 15:27 - 2017-12-01 15:27 - 000000000 ____D C:\Program Files (x86)\Epic Games
2017-11-18 15:37 - 2017-11-18 15:37 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-11-18 15:37 - 2017-10-27 17:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-11-18 15:37 - 2017-09-14 00:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-11-18 15:37 - 2017-09-14 00:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-11-18 15:37 - 2017-09-14 00:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-11-18 15:37 - 2017-09-14 00:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-11-18 15:36 - 2017-11-18 15:37 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-11-17 18:18 - 2017-11-17 18:18 - 000001426 _____ C:\Users\Pepa\Desktop\MKXLauncher – zástupce.lnk
2017-11-17 14:44 - 2017-11-17 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-11-17 14:44 - 2017-11-17 14:44 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-11-17 14:41 - 2017-12-08 17:08 - 000000000 ____D C:\Users\Pepa\AppData\Local\LogMeIn Hamachi
2017-11-16 17:42 - 2017-11-16 17:42 - 000000219 _____ C:\Users\Pepa\Desktop\Counter-Strike Global Offensive.url
2017-11-16 16:03 - 2017-11-16 16:03 - 000000000 ____D C:\Users\Pepa\AppData\LocalLow\Whalebox Studio
2017-11-16 16:03 - 2017-11-16 16:03 - 000000000 ____D C:\Users\Pepa\AppData\Local\WhaleboxStudio
2017-11-16 16:01 - 2017-11-16 16:01 - 000001343 _____ C:\Users\Public\Desktop\Emilka Holubová - Rodinná záležitost - Sběratelská edice.lnk
2017-11-16 16:01 - 2017-11-16 16:01 - 000000000 ____D C:\Spidla
2017-11-16 16:01 - 2017-11-16 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emilka Holubová - Rodinná záležitost - Sběratelská edice
2017-11-16 15:59 - 2017-11-16 15:59 - 000001314 _____ C:\Users\Pepa\Desktop\Emilka Holubová - Montezumův poklad.lnk
2017-11-16 15:59 - 2017-11-16 15:59 - 000000000 ____D C:\Program Files (x86)\Emilka Holubová - Montezumův poklad
2017-11-15 07:41 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-15 07:41 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-15 07:41 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 07:41 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-15 07:41 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 07:41 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 07:41 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-15 07:41 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-15 07:41 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-15 07:41 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-15 07:41 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-15 07:41 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-15 07:41 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-15 07:41 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-15 07:41 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-15 07:41 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-15 07:41 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 07:41 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-15 07:41 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-15 07:41 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-15 07:41 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-15 07:41 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-15 07:41 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-15 07:41 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-15 07:41 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 07:41 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-15 07:41 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-15 07:41 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 07:41 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 07:41 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-15 07:41 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-15 07:41 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-15 07:41 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-15 07:41 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 07:41 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-15 07:41 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 07:41 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-15 07:41 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 07:41 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 07:41 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-15 07:41 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-15 07:41 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-15 07:41 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-15 07:41 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-15 07:41 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-15 07:41 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 07:41 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-15 07:41 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-15 07:41 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 07:41 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 07:41 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-15 07:41 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-15 07:41 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-15 07:41 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-15 07:41 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 07:41 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-15 07:41 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-15 07:41 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-15 07:41 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 07:41 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-15 07:41 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 07:41 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-15 07:41 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-15 07:41 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-15 07:41 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-15 07:41 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-15 07:41 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-15 07:41 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 07:41 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-15 07:41 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 07:41 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-15 07:41 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-15 07:41 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-15 07:41 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-15 07:41 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-15 07:41 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-15 07:41 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-15 07:41 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-15 07:41 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-15 07:41 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-15 07:41 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-15 07:41 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-15 07:41 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-15 07:41 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-15 07:41 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-15 07:41 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-15 07:41 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-15 07:41 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-15 07:40 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-15 07:40 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-15 07:40 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-15 07:40 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-15 07:40 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-15 07:40 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-15 07:40 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-15 07:40 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-15 07:40 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-15 07:40 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-15 07:40 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-15 07:40 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-15 07:40 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-15 07:40 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-15 07:40 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 07:40 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-15 07:40 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-15 07:40 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 07:40 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 07:40 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-15 07:40 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 07:40 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-15 07:40 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-15 07:40 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 07:40 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 07:40 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-15 07:40 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-15 07:40 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-15 07:40 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-15 07:40 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-15 07:40 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-15 07:40 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-15 07:40 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-15 07:40 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-15 07:40 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-15 07:40 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-15 07:40 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-15 07:40 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-15 07:40 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-15 07:40 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-15 07:40 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-15 07:40 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-15 07:40 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-15 07:40 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-15 07:40 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-15 07:40 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-15 07:40 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-15 07:40 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 07:40 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-15 07:40 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-15 07:40 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-15 07:40 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-15 07:40 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-15 07:40 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-15 07:40 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-15 07:40 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-15 07:40 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-15 07:40 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-15 07:40 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-15 07:40 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-15 07:40 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-15 07:40 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-15 07:40 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-15 07:40 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-15 07:40 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-15 07:40 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-15 07:40 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-15 07:40 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-15 07:40 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-15 07:40 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-15 07:40 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-15 07:40 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-15 07:40 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-15 07:40 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-15 07:40 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-15 07:40 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-15 07:40 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 07:40 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-15 07:40 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-15 07:40 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-15 07:40 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-15 07:40 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-15 07:40 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-15 07:40 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-15 07:40 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-15 07:40 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-15 07:40 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-15 07:40 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 07:40 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-15 07:40 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-15 07:40 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-15 07:40 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-15 07:40 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-15 07:40 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-15 07:40 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-15 07:40 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 07:40 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-15 07:40 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 07:40 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-15 07:40 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 07:40 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-15 07:40 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-15 07:40 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-15 07:40 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-15 07:40 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-15 07:40 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-15 07:40 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-15 07:40 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-15 07:40 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-15 07:40 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-15 07:40 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-15 07:40 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-15 07:40 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-15 07:40 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-15 07:40 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-15 07:40 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-15 07:40 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-15 07:40 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-15 07:40 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-14 18:44 - 2017-12-07 12:13 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\ERS G-Studio
2017-11-14 18:44 - 2017-11-14 18:44 - 000001313 _____ C:\Users\Public\Desktop\Sára Maribu a ztracený svět.lnk
2017-11-14 18:44 - 2017-11-14 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sára Maribu a ztracený svět
2017-11-14 18:43 - 2017-11-14 18:44 - 000000000 ____D C:\Program Files (x86)\Sara Maribu a ztraceny svet
2017-11-14 18:38 - 2017-11-14 18:38 - 000001265 _____ C:\Users\Public\Desktop\Poklady starověké sluje.lnk
2017-11-14 18:38 - 2017-11-14 18:38 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\Špidla Data Processing, s.r.o
2017-11-14 18:38 - 2017-11-14 18:38 - 000000000 ____D C:\ProgramData\Špidla Data Processing, s.r.o
2017-11-14 18:38 - 2017-11-14 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poklady starověké sluje
2017-11-14 18:38 - 2017-11-14 18:38 - 000000000 ____D C:\Program Files (x86)\Poklady starověké sluje
2017-11-09 04:40 - 2017-11-09 04:40 - 036248176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-11-09 04:40 - 2017-11-09 04:40 - 029279672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-11-09 04:40 - 2017-11-09 04:40 - 000624240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-11-09 04:39 - 2017-11-09 04:39 - 000989808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-11-09 04:39 - 2017-11-09 04:39 - 000940984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-11-09 04:39 - 2017-11-09 04:39 - 000514672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-11-09 04:39 - 2017-11-09 04:39 - 000054192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 001997752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 001682544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 001108408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 001039800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 000748144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-11-09 04:38 - 2017-11-09 04:38 - 000607160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-11-09 04:37 - 2017-11-09 04:37 - 040246384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-11-09 04:37 - 2017-11-09 04:37 - 035165624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-11-09 04:37 - 2017-11-09 04:37 - 004210288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-11-09 04:37 - 2017-11-09 04:37 - 003623024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 023474480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 019212720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 013379352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-11-09 04:30 - 2017-11-09 04:30 - 010986768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-11-09 04:26 - 2017-11-09 04:26 - 001154296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-11-09 04:26 - 2017-11-09 04:26 - 000902312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-11-09 04:26 - 2017-11-09 04:26 - 000810304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 013994136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 011891200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 001342008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 001056720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-11-09 04:25 - 2017-11-09 04:25 - 000648728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-11-09 03:57 - 2017-11-09 03:57 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-08 20:51 - 2017-04-17 22:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-08 20:34 - 2017-10-27 19:03 - 000001267 _____ C:\Users\Pepa\Desktop\nativelog.txt
2017-12-08 20:16 - 2017-10-28 15:33 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\.minecraft
2017-12-08 20:16 - 2017-04-17 22:31 - 000000000 ____D C:\Users\Pepa
2017-12-08 20:08 - 2016-11-21 12:26 - 000000000 ____D C:\Users\Pepa\AppData\LocalLow\Mozilla
2017-12-08 19:44 - 2016-08-15 13:17 - 000000000 ____D C:\Users\Pepa\AppData\Local\CrashDumps
2017-12-08 17:13 - 2017-04-17 22:31 - 004622600 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-08 17:13 - 2017-03-20 05:39 - 002150932 _____ C:\WINDOWS\system32\perfh005.dat
2017-12-08 17:13 - 2017-03-20 05:39 - 000596426 _____ C:\WINDOWS\system32\perfc005.dat
2017-12-08 17:12 - 2016-05-29 13:44 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\Seznam.cz
2017-12-08 17:09 - 2016-10-19 18:13 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-12-08 17:09 - 2016-08-10 06:04 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-08 17:06 - 2017-04-17 22:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-08 17:06 - 2017-03-18 12:40 - 002359296 _____ C:\WINDOWS\system32\config\BBI
2017-12-08 17:05 - 2017-08-22 17:46 - 000000000 ____D C:\Program Files\Panda Security URL Filtering
2017-12-08 15:45 - 2016-12-23 20:23 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-08 15:27 - 2017-08-22 17:46 - 000000000 ____D C:\ProgramData\panda_url_filtering
2017-12-08 14:29 - 2017-04-17 22:36 - 000004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9F480FC1-ED05-479D-8F53-1FB1A6777AF9}
2017-12-08 06:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-07 07:16 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-06 14:27 - 2016-10-14 14:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-06 07:12 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-05 10:40 - 2016-10-22 08:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-05 10:40 - 2016-10-14 14:55 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-03 16:54 - 2016-01-20 16:18 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\uTorrent
2017-12-02 21:22 - 2017-04-17 22:30 - 000455168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-02 17:24 - 2017-07-14 01:32 - 000086016 ___SH C:\Users\Pepa\Desktop\Thumbs.db
2017-12-02 14:52 - 2016-01-18 11:42 - 000000000 ____D C:\Users\Pepa\AppData\Local\Packages
2017-12-02 14:41 - 2017-08-22 17:46 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\Panda Security
2017-12-02 14:41 - 2017-08-22 17:46 - 000000000 ____D C:\Program Files (x86)\Panda Security
2017-12-02 14:41 - 2017-08-22 17:44 - 000000000 ____D C:\ProgramData\Panda Security
2017-12-01 15:27 - 2016-12-16 15:48 - 000000000 ____D C:\Users\Pepa\AppData\Local\UnrealEngine
2017-11-29 16:06 - 2016-01-18 02:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-29 16:03 - 2017-10-11 14:29 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-29 16:03 - 2016-01-18 02:15 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-26 16:08 - 2016-12-16 15:48 - 000788008 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-11-24 15:28 - 2016-08-10 06:07 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-11-24 15:28 - 2016-08-10 06:07 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-11-24 14:42 - 2017-04-17 22:36 - 000003944 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1468522241
2017-11-24 14:42 - 2016-07-14 19:50 - 000000000 ____D C:\Program Files (x86)\Opera
2017-11-21 15:00 - 2016-01-18 00:08 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-18 16:40 - 2016-01-18 08:05 - 000000000 ____D C:\Users\Pepa\AppData\Local\NVIDIA
2017-11-18 15:37 - 2017-04-17 22:30 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-18 15:37 - 2017-02-08 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-11-18 15:36 - 2017-04-17 22:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-18 15:36 - 2017-04-17 22:30 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-18 11:58 - 2016-01-18 13:29 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\Mozilla
2017-11-17 15:21 - 2017-08-12 21:50 - 000000000 ____D C:\Users\Pepa\AppData\Roaming\EasyAntiCheat
2017-11-17 14:44 - 2017-07-13 07:32 - 000000153 _____ C:\Users\Default\BullseyeCoverageError.txt
2017-11-17 14:44 - 2017-06-04 18:47 - 000000165 _____ C:\Users\Pepa\BullseyeCoverageError.txt
2017-11-16 09:02 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-16 08:22 - 2016-02-27 20:26 - 000002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-16 08:22 - 2016-02-27 20:26 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-15 17:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 17:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-15 17:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-15 17:34 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-15 17:34 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 07:43 - 2017-06-14 13:21 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-14 18:37 - 2017-04-17 22:36 - 000004594 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-14 18:37 - 2017-04-17 22:36 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-14 18:37 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-14 18:37 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-14 07:35 - 2017-04-17 22:36 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 07:35 - 2017-04-17 22:36 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-09 04:38 - 2017-01-04 15:19 - 001624168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-11-09 04:38 - 2017-01-04 15:19 - 000233904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-11-09 04:25 - 2017-01-04 15:02 - 004533184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-11-09 04:25 - 2017-01-04 15:02 - 003859848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-11-09 03:57 - 2017-01-04 10:07 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-11-08 06:52 - 2016-01-18 11:44 - 000002426 _____ C:\Users\Pepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-08 06:52 - 2016-01-18 11:44 - 000000000 ___RD C:\Users\Pepa\OneDrive

==================== Files in the root of some directories =======

2017-12-03 13:00 - 2002-08-29 18:33 - 000319488 ____N () C:\Users\Pepa\AppData\Roaming\MafiaSetup.exe
2017-10-28 15:23 - 2017-10-28 15:24 - 000009728 ___SH () C:\Users\Pepa\AppData\Roaming\Thumbs.db
2017-10-03 06:46 - 2017-10-03 06:46 - 000033193 _____ () C:\Users\Pepa\AppData\Roaming\UserTile.png
2017-12-08 20:57 - 2017-12-08 20:57 - 000029696 _____ () C:\Users\Pepa\AppData\Local\MSGBOX.EXE
2017-04-27 17:02 - 2017-04-27 17:02 - 000000017 _____ () C:\Users\Pepa\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2017-12-02 14:40 - 2017-12-02 14:40 - 070156168 _____ (Panda Security, S.L.) C:\Users\Pepa\AppData\Local\Temp\{A5E55516-302B-44C5-A257-6A746CFB2878}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-07 07:13

==================== End of FRST.txt ============================
Přílohy
Addition.rar
(13.71 KiB) Staženo 87 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka... zasekávání a zpomalení

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\MountPoints2: {3457ad24-3c79-11e7-a60f-d8cb8ac805fa} - "F:\Startme.exe"
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B52C2E70B-1AF3-4D9D-81E5-6A5C5E56BA3C%7D&gp=811014
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={71713670-902B-4E44-AF7B-72223214FD79}&mid=befbaabff3ed47cc87ff0982cc2cec09-22a31b7e13f9b2fe8299179e6da13fe5d92a7949&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516avz&pr=fr&d=2016-04-26 06:35:03&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B52C2E70B-1AF3-4D9D-81E5-6A5C5E56BA3C%7D&gp=811014
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File
BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll => No File
Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
U3 idsvc; no ImagePath
C:\Users\Pepa\AppData\Local\Temp
Task: {215B67F6-BAD7-4F55-B972-D2D94B18AFB1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {6D6A92B3-37F0-4F47-A6EA-062B05FAB0ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ABDF384F-31D4-4D3E-A89C-8BF0F820AA20} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C67B646E-8669-4AB0-854C-3ADE0F16AA85} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DE548222-52E2-4DE7-ACC7-B7492A468C5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {F763A309-0B1A-4949-8545-3835FA6D473E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData:gs5sys [7170]
AlternateDataStreams: C:\Users\All Users:gs5sys [7170]
AlternateDataStreams: C:\Users\Pepa:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [7170]
AlternateDataStreams: C:\Users\Pepa\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\Local Settings:gs5sys [1792]
AlternateDataStreams: C:\Users\Pepa\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\AppData\Local:gs5sys [1792]
AlternateDataStreams: C:\Users\Pepa\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\AppData\Local\Data aplikací:gs5sys [1792]
AlternateDataStreams: C:\Users\Pepa\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [3074]

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JoskaT
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 02 pro 2017 15:01

Re: Preventivka... zasekávání a zpomalení

#7 Příspěvek od JoskaT »

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-12-2017
Ran by Pepa (08-12-2017 22:11:36) Run:1
Running from C:\Users\Pepa\Desktop
Loaded Profiles: Pepa (Available Profiles: Pepa & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\...\MountPoints2: {3457ad24-3c79-11e7-a60f-d8cb8ac805fa} - "F:\Startme.exe"
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B52C2E70B-1AF3-4D9D-81E5-6A5C5E56BA3C%7D&gp=811014
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={71713670-902B-4E44-AF7B-72223214FD79}&mid=befbaabff3ed47cc87ff0982cc2cec09-22a31b7e13f9b2fe8299179e6da13fe5d92a7949&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516avz&pr=fr&d=2016-04-26 06:35:03&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3813167602-1507074412-1510675809-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7B52C2E70B-1AF3-4D9D-81E5-6A5C5E56BA3C%7D&gp=811014
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File
BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll => No File
Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
U3 idsvc; no ImagePath
C:\Users\Pepa\AppData\Local\Temp
Task: {215B67F6-BAD7-4F55-B972-D2D94B18AFB1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {6D6A92B3-37F0-4F47-A6EA-062B05FAB0ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ABDF384F-31D4-4D3E-A89C-8BF0F820AA20} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C67B646E-8669-4AB0-854C-3ADE0F16AA85} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DE548222-52E2-4DE7-ACC7-B7492A468C5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-27] (Google Inc.)
Task: {F763A309-0B1A-4949-8545-3835FA6D473E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData:gs5sys [7170]
AlternateDataStreams: C:\Users\All Users:gs5sys [7170]
AlternateDataStreams: C:\Users\Pepa:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Data aplikac�:gs5sys [7170]
AlternateDataStreams: C:\Users\Pepa\Data aplikac�:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\Local Settings:gs5sys [1792]
AlternateDataStreams: C:\Users\Pepa\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\�ablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\AppData\Local:gs5sys [1792]
AlternateDataStreams: C:\Users\Pepa\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\AppData\Local\Data aplikac�:gs5sys [1792]
AlternateDataStreams: C:\Users\Pepa\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Pepa\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [3074]

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3457ad24-3c79-11e7-a60f-d8cb8ac805fa}" => removed successfully
HKLM\Software\Classes\CLSID\{3457ad24-3c79-11e7-a60f-d8cb8ac805fa} => key not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found
"HKU\S-1-5-21-3813167602-1507074412-1510675809-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}" => removed successfully
HKLM\Software\Classes\CLSID\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} => key not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\Software\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => value removed successfully
HKLM\Software\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => key not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => value removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => key not found
"HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader" => removed successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully

"C:\Users\Pepa\AppData\Local\Temp" folder move:

Could not move "C:\Users\Pepa\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{215B67F6-BAD7-4F55-B972-D2D94B18AFB1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{215B67F6-BAD7-4F55-B972-D2D94B18AFB1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D6A92B3-37F0-4F47-A6EA-062B05FAB0ED}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D6A92B3-37F0-4F47-A6EA-062B05FAB0ED}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ABDF384F-31D4-4D3E-A89C-8BF0F820AA20}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABDF384F-31D4-4D3E-A89C-8BF0F820AA20}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C67B646E-8669-4AB0-854C-3ADE0F16AA85}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C67B646E-8669-4AB0-854C-3ADE0F16AA85}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE548222-52E2-4DE7-ACC7-B7492A468C5D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE548222-52E2-4DE7-ACC7-B7492A468C5D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F763A309-0B1A-4949-8545-3835FA6D473E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F763A309-0B1A-4949-8545-3835FA6D473E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
C:\ProgramData => ":gs5sys" ADS removed successfully
"C:\Users\All Users" => ":gs5sys" ADS not found.
C:\Users\Pepa => ":gs5sys" ADS removed successfully
"C:\ProgramData\Data aplikac�" => ":gs5sys" ADS not found.
"C:\Users\Pepa\Data aplikac�" => ":gs5sys" ADS not found.
C:\Users\Pepa\Local Settings => ":gs5sys" ADS removed successfully
C:\Users\Pepa\Soubory cookie => ":gs5sys" ADS removed successfully
"C:\Users\Pepa\�ablony" => ":gs5sys" ADS not found.
C:\Users\Pepa\Desktop\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\Pepa\AppData\Local" => ":gs5sys" ADS not found.
C:\Users\Pepa\AppData\Roaming => ":gs5sys" ADS removed successfully
"C:\Users\Pepa\AppData\Local\Data aplikac�" => ":gs5sys" ADS not found.
C:\Users\Pepa\AppData\Local\History => ":gs5sys" ADS removed successfully
C:\Users\Pepa\Documents\desktop.ini => ":gs5sys" ADS removed successfully
C:\Users\Public\Documents\desktop.ini => ":gs5sys" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49942968 B
Java, Flash, Steam htmlcache => 408789091 B
Windows/system/drivers => 1395880 B
Edge => 2454 B
Chrome => 12199249 B
Firefox => 57116362 B
Opera => 362341750 B

Temp, IE cache, history, cookies, recent:
Default => 22091 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 10550 B
NetworkService => 1766 B
Pepa => 736610453 B
DefaultAppPool => 0 B

RecycleBin => 602120711 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-12-2017 22:12:49)

C:\Users\Pepa\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:12:50 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka... zasekávání a zpomalení

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JoskaT
Návštěvník
Návštěvník
Příspěvky: 5
Registrován: 02 pro 2017 15:01

Re: Preventivka... zasekávání a zpomalení

#9 Příspěvek od JoskaT »

Ano, děkuji za ochotu a pomoc :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka... zasekávání a zpomalení

#10 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět