Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivku, díky

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
pivli
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 08 čer 2009 19:38

Prosím o preventivku, díky

#1 Příspěvek od pivli »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2018-03-11 12:45:50
Microsoft Windows 10 Home
System drive C: has 66 GB (28%) free of 237 GB
Total RAM: 3894 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:46:00, on 11.3.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 13723 bytes

======Listing Processes======









c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
winlogon.exe
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\Windows\system32\atiesrxx.exe
atieclxx
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc

C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\AUDIODG.EXE 0x414
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\mqsvc.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\iPod\bin\iPodService.exe"
AvastUI.exe /nogui
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\System32\smartscreen.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7004.0.932136989\22680162" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\Pavel\AppData\LocalLow\Mozilla\Temp-{8b2938fc-3e5f-49c0-8f74-145876f68b26}" 7004 "\\.\pipe\gecko-crash-server-pipe.7004" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7004.1.395555630\1789816262" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{8b2938fc-3e5f-49c0-8f74-145876f68b26}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 7004 "\\.\pipe\gecko-crash-server-pipe.7004" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7004.13.576608267\1530343927" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{8b2938fc-3e5f-49c0-8f74-145876f68b26}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 7004 "\\.\pipe\gecko-crash-server-pipe.7004" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="7004.20.1013885717\537111632" -childID 3 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{8b2938fc-3e5f-49c0-8f74-145876f68b26}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 7004 "\\.\pipe\gecko-crash-server-pipe.7004" tab
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 736 740 748 8192 744
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Pavel\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-4043362240-3129076905-3645850022-1000Core.job - C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-4043362240-3129076905-3645850022-1000UA.job - C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\hlag1a4w.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.161 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files (x86)\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.161 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL


C:\Program Files (x86)\Mozilla Firefox\components\
npdevalvr.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdevalvr.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\hlag1a4w.default\extensions\
centrumpomocnik@centrum.cz
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\hlag1a4w.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [2018-03-10 245608]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2012-11-27 168480]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2012-11-27 393760]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2012-11-27 418336]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-01-22 298296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-03-08 1559200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-02-07 10290608]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-01-10 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-01-10 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2018-01-10 356664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-04-19 136136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2016-10-08 2137744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2012-11-26 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\MICROS~4\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-11 12:45:51 ----D---- C:\Program Files\trend micro
2018-03-11 12:45:50 ----D---- C:\rsit
2018-03-11 12:18:12 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2018-03-11 11:45:15 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2018-03-11 11:45:15 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2018-03-11 11:45:14 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2018-03-11 11:45:08 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2018-03-11 11:44:54 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2018-03-11 11:44:44 ----D---- C:\Program Files\Malwarebytes
2018-03-11 11:44:32 ----D---- C:\ProgramData\MB2Migration
2018-03-10 16:49:55 ----A---- C:\WINDOWS\system32\aswBoot.exe
2018-02-15 22:22:20 ----D---- C:\ProgramData\SWCUTemp
2018-02-14 22:30:03 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-14 22:30:02 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-02-14 22:30:02 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-02-14 22:30:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-02-14 22:29:59 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-02-14 22:29:59 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-02-14 22:29:58 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-02-14 22:29:57 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-02-14 22:29:57 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-02-14 22:29:57 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-02-14 22:29:57 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-02-14 22:29:56 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-02-14 22:29:54 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-02-14 22:29:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-02-14 22:29:54 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-02-14 22:29:54 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-02-14 22:29:54 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-02-14 22:29:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-02-14 22:29:52 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-02-14 22:29:52 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-02-14 22:29:51 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-02-14 22:29:51 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2018-02-14 22:29:51 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-14 22:29:51 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-02-14 22:29:51 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-02-14 22:29:51 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-14 22:29:50 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-02-14 22:29:50 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-02-14 22:29:50 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-02-14 22:29:49 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-02-14 22:29:49 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-02-14 22:29:48 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-02-14 22:29:48 ----A---- C:\WINDOWS\system32\hal.dll
2018-02-14 22:29:47 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-02-14 22:29:47 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-02-14 22:29:46 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-02-14 22:29:45 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-02-14 22:29:45 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-02-14 22:29:44 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-02-14 22:29:42 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-02-14 22:29:42 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-02-14 22:29:42 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-02-14 22:29:42 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-02-14 22:29:41 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-02-14 22:29:41 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-02-14 22:29:41 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-02-14 22:29:41 ----A---- C:\WINDOWS\system32\evr.dll
2018-02-14 22:29:40 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2018-02-14 22:29:40 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-02-14 22:29:40 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-02-14 22:29:40 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-02-14 22:29:40 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-02-14 22:29:40 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-02-14 22:29:40 ----A---- C:\WINDOWS\system32\nshhttp.dll
2018-02-14 22:29:40 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-02-14 22:29:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-02-14 22:29:39 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-02-14 22:29:39 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-02-14 22:29:39 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-14 22:29:39 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-14 22:29:39 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-02-14 22:29:38 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-02-14 22:29:38 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-02-14 22:29:37 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-02-14 22:29:37 ----A---- C:\WINDOWS\system32\InputService.dll
2018-02-14 22:29:37 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-02-14 22:29:37 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-02-14 22:29:36 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-14 22:29:36 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-02-14 22:29:36 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-02-14 22:29:35 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-02-14 22:29:35 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-02-14 22:29:35 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-02-14 22:29:34 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-02-14 22:29:33 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-02-14 22:29:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-02-14 22:29:32 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-02-14 22:29:32 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-02-14 22:29:32 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-02-14 22:29:31 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-02-14 22:29:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-02-14 22:29:30 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-02-14 22:29:30 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-02-14 22:29:29 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-02-14 22:29:29 ----A---- C:\WINDOWS\system32\mfsvr.dll
2018-02-14 22:29:29 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-02-14 22:29:28 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-02-14 22:29:28 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-02-14 22:29:28 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-02-14 22:29:27 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-14 22:29:27 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-02-14 22:29:26 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-02-14 22:29:26 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-02-14 22:29:26 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-02-14 22:29:25 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-02-14 22:29:25 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-02-14 22:29:24 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-02-14 22:29:24 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-02-14 22:29:23 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-02-14 22:29:22 ----A---- C:\WINDOWS\system32\wininet.dll
2018-02-14 22:29:22 ----A---- C:\WINDOWS\system32\msIso.dll
2018-02-14 22:29:20 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-02-14 22:29:20 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-02-14 22:29:19 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-14 22:29:17 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-02-14 22:29:17 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-02-14 22:29:16 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-02-14 22:29:15 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-02-14 22:29:15 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-14 22:29:14 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-02-14 22:29:13 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-02-14 22:29:11 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-14 22:29:10 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-14 22:29:10 ----A---- C:\WINDOWS\system32\ISM.dll
2018-02-14 22:29:09 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2018-02-14 22:29:09 ----A---- C:\WINDOWS\system32\wuauclt.exe
2018-02-14 22:29:09 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-14 22:29:08 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-02-14 22:29:08 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2018-02-14 22:29:08 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-02-14 22:29:08 ----A---- C:\WINDOWS\system32\convertvhd.exe
2018-02-14 22:29:07 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-14 22:29:07 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-02-14 22:29:05 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2018-02-14 22:29:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-02-14 22:29:04 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-02-14 22:29:04 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-02-14 22:29:04 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-02-14 22:29:03 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-02-14 22:29:02 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-02-14 22:29:02 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-14 22:29:01 ----A---- C:\WINDOWS\system32\comdlg32.dll
2018-02-14 22:29:00 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-02-14 22:28:59 ----A---- C:\WINDOWS\system32\wow64.dll
2018-02-14 22:28:59 ----A---- C:\WINDOWS\system32\twinui.dll
2018-02-14 22:28:58 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-14 22:28:58 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-02-14 22:28:57 ----A---- C:\WINDOWS\explorer.exe
2018-02-14 22:28:56 ----A---- C:\WINDOWS\system32\shell32.dll
2018-02-14 22:28:54 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-02-14 22:28:52 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-02-14 22:28:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-14 22:28:49 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-14 22:28:49 ----A---- C:\WINDOWS\system32\mfps.dll
2018-02-14 22:28:33 ----A---- C:\WINDOWS\system32\usocore.dll
2018-02-14 22:28:33 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-02-14 22:28:33 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-02-14 22:28:22 ----A---- C:\WINDOWS\system32\vac.exe
2018-02-14 22:28:19 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2018-02-14 22:28:19 ----A---- C:\WINDOWS\system32\SRH.dll
2018-02-14 22:28:18 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-02-14 22:28:18 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-02-14 22:28:18 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-14 22:28:18 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-14 22:28:17 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-14 22:28:16 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-14 22:28:15 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-14 22:28:09 ----A---- C:\WINDOWS\system32\winresume.exe
2018-02-14 22:28:09 ----A---- C:\WINDOWS\system32\winload.exe
2018-02-14 22:28:08 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-02-14 22:28:08 ----A---- C:\WINDOWS\system32\ci.dll
2018-02-14 22:28:07 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-02-14 22:28:07 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-02-14 22:28:06 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-02-14 22:28:06 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-02-14 22:28:05 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-02-14 22:28:05 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-14 22:28:05 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-02-14 22:28:05 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-14 22:28:02 ----A---- C:\WINDOWS\system32\devinv.dll
2018-02-14 22:28:02 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-14 22:28:02 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-02-14 22:28:02 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-02-14 22:27:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-14 22:27:57 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-02-14 22:27:57 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-02-14 22:27:57 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-02-14 22:27:57 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-14 22:27:56 ----A---- C:\WINDOWS\system32\sppobjs.dll
2018-02-14 22:27:56 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-02-14 22:27:55 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-14 22:27:55 ----A---- C:\WINDOWS\system32\efscore.dll
2018-02-14 22:27:55 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-02-14 22:27:50 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-02-14 22:27:50 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-02-14 22:27:50 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-02-14 22:27:49 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-14 22:27:48 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-02-14 22:27:48 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-14 22:27:47 ----A---- C:\WINDOWS\system32\rtmpltfm.dll
2018-02-14 22:27:46 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2018-02-14 22:27:46 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-02-14 22:27:46 ----A---- C:\WINDOWS\system32\usercpl.dll
2018-02-14 22:27:45 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-14 22:27:45 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2018-02-14 22:27:44 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-02-14 22:27:43 ----A---- C:\WINDOWS\system32\tquery.dll
2018-02-14 22:27:43 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-02-14 22:27:43 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-02-14 22:27:43 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-02-14 22:27:42 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2018-02-14 22:27:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-14 22:27:42 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-14 22:27:41 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-02-14 22:27:41 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2018-02-14 22:27:40 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-02-14 22:27:40 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-02-14 22:27:40 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-14 22:27:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-02-14 22:27:39 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2018-02-14 22:27:39 ----A---- C:\WINDOWS\SYSWOW64\rtmpltfm.dll
2018-02-14 22:27:38 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-02-14 22:27:38 ----A---- C:\WINDOWS\system32\sppwinob.dll
2018-02-14 22:27:37 ----A---- C:\WINDOWS\system32\Wpc.dll
2018-02-14 22:27:37 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-14 22:27:35 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2018-02-14 22:27:34 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-02-14 22:27:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-02-14 22:27:33 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-02-14 22:27:33 ----A---- C:\WINDOWS\system32\FSClient.dll
2018-02-14 22:27:32 ----A---- C:\WINDOWS\system32\wpncore.dll
2018-02-14 22:27:32 ----A---- C:\WINDOWS\system32\mmc.exe
2018-02-14 22:27:32 ----A---- C:\WINDOWS\system32\mf.dll
2018-02-14 22:27:32 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-02-14 22:27:32 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2018-02-14 22:27:31 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-14 22:27:31 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-02-14 22:27:31 ----A---- C:\WINDOWS\system32\aepic.dll
2018-02-14 22:27:30 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-02-14 22:27:30 ----A---- C:\WINDOWS\system32\VSSVC.exe
2018-02-14 22:27:30 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-14 22:27:30 ----A---- C:\WINDOWS\system32\invagent.dll
2018-02-14 22:27:29 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-02-14 22:27:29 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2018-02-14 22:27:29 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-02-14 22:27:29 ----A---- C:\WINDOWS\system32\WpcMon.exe
2018-02-14 22:27:29 ----A---- C:\WINDOWS\system32\rtmpal.dll
2018-02-14 22:27:29 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-02-14 22:27:28 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-02-14 22:27:28 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2018-02-14 22:27:28 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-02-14 22:27:28 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-14 22:27:28 ----A---- C:\WINDOWS\system32\FntCache.dll
2018-02-14 22:27:27 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-14 22:27:27 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2018-02-14 22:27:27 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-02-14 22:27:26 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2018-02-14 22:27:26 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-02-14 22:27:26 ----A---- C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-14 22:27:26 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-02-14 22:27:25 ----A---- C:\WINDOWS\SYSWOW64\mmcndmgr.dll
2018-02-14 22:27:25 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-14 22:27:25 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2018-02-14 22:27:25 ----A---- C:\WINDOWS\system32\authui.dll
2018-02-14 22:27:25 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-02-14 22:27:24 ----A---- C:\WINDOWS\SYSWOW64\mmc.exe
2018-02-14 22:27:24 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-02-14 22:27:24 ----A---- C:\WINDOWS\system32\shutdownux.dll
2018-02-14 22:27:24 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-02-14 22:27:24 ----A---- C:\WINDOWS\system32\rtmcodecs.dll
2018-02-14 22:27:24 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-14 22:27:23 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2018-02-14 22:27:22 ----A---- C:\WINDOWS\SYSWOW64\rtmpal.dll
2018-02-14 22:27:22 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-02-14 22:27:22 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-14 22:27:22 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-02-14 22:27:22 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-14 22:27:22 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-02-14 22:27:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2018-02-14 22:27:21 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2018-02-14 22:27:21 ----A---- C:\WINDOWS\system32\Windows.Payments.dll
2018-02-14 22:27:21 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-14 22:27:21 ----A---- C:\WINDOWS\system32\efswrt.dll
2018-02-14 22:27:21 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-14 22:27:20 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2018-02-14 22:27:20 ----A---- C:\WINDOWS\system32\setupapi.dll
2018-02-14 22:27:19 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-02-14 22:27:19 ----A---- C:\WINDOWS\system32\policymanager.dll
2018-02-14 22:27:18 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2018-02-14 22:27:18 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-02-14 22:27:18 ----A---- C:\WINDOWS\system32\uDWM.dll
2018-02-14 22:27:18 ----A---- C:\WINDOWS\system32\rasdlg.dll
2018-02-14 22:27:18 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-02-14 22:27:18 ----A---- C:\WINDOWS\system32\lsm.dll
2018-02-14 22:27:18 ----A---- C:\WINDOWS\system32\localspl.dll
2018-02-14 22:27:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-02-14 22:27:17 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-02-14 22:27:17 ----A---- C:\WINDOWS\SYSWOW64\rtmcodecs.dll
2018-02-14 22:27:17 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2018-02-14 22:27:17 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2018-02-14 22:27:17 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-14 22:27:17 ----A---- C:\WINDOWS\system32\mspaint.exe
2018-02-14 22:27:17 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-14 22:27:17 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2018-02-14 22:27:16 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-02-14 22:27:16 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2018-02-14 22:27:16 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-02-14 22:27:15 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-02-14 22:27:15 ----A---- C:\WINDOWS\system32\winbrand.dll
2018-02-14 22:27:15 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-14 22:27:15 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-02-14 22:27:15 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-14 22:27:15 ----A---- C:\WINDOWS\system32\Magnify.exe
2018-02-14 22:27:15 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-02-14 22:27:14 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-14 22:27:14 ----A---- C:\WINDOWS\system32\webio.dll
2018-02-14 22:27:14 ----A---- C:\WINDOWS\system32\vssapi.dll
2018-02-14 22:27:14 ----A---- C:\WINDOWS\system32\FrameServer.dll
2018-02-14 22:27:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2018-02-14 22:27:13 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 22:27:13 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2018-02-14 22:27:12 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2018-02-14 22:27:12 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2018-02-14 22:27:12 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-02-14 22:27:12 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 22:27:12 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2018-02-14 22:27:11 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2018-02-14 22:27:11 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2018-02-14 22:27:11 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-14 22:27:11 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-14 22:27:11 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-14 22:27:11 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-14 22:27:11 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-14 22:27:11 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-02-14 22:27:10 ----A---- C:\WINDOWS\system32\srcore.dll
2018-02-14 22:27:10 ----A---- C:\WINDOWS\system32\rastls.dll
2018-02-14 22:27:10 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-02-14 22:27:10 ----A---- C:\WINDOWS\system32\gameux.dll
2018-02-14 22:27:10 ----A---- C:\WINDOWS\system32\FsIso.exe
2018-02-14 22:27:10 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-02-14 22:27:10 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-02-14 22:27:09 ----A---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2018-02-14 22:27:09 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-02-14 22:27:09 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-14 22:27:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-14 22:27:09 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-14 22:27:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2018-02-14 22:27:08 ----A---- C:\WINDOWS\SYSWOW64\sppcomapi.dll
2018-02-14 22:27:08 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2018-02-14 22:27:08 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-14 22:27:08 ----A---- C:\WINDOWS\system32\wldp.dll
2018-02-14 22:27:08 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-14 22:27:08 ----A---- C:\WINDOWS\system32\rasgcw.dll
2018-02-14 22:27:08 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-02-14 22:27:07 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-02-14 22:27:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 22:27:07 ----A---- C:\WINDOWS\system32\aclui.dll
2018-02-14 22:27:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2018-02-14 22:27:06 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-02-14 22:27:06 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-14 22:27:06 ----A---- C:\WINDOWS\system32\ortcengine.dll
2018-02-14 22:27:06 ----A---- C:\WINDOWS\system32\edputil.dll
2018-02-14 22:27:05 ----A---- C:\WINDOWS\SYSWOW64\rtmmvrortc.dll
2018-02-14 22:27:05 ----A---- C:\WINDOWS\SYSWOW64\ortcengine.dll
2018-02-14 22:27:05 ----A---- C:\WINDOWS\SYSWOW64\Magnify.exe
2018-02-14 22:27:05 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2018-02-14 22:27:05 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2018-02-14 22:27:05 ----A---- C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-14 22:27:04 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2018-02-14 22:27:04 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-02-14 22:27:04 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-14 22:27:03 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2018-02-14 22:27:03 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2018-02-14 22:27:03 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2018-02-14 22:27:03 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2018-02-14 22:27:03 ----A---- C:\WINDOWS\SYSWOW64\edputil.dll
2018-02-14 22:27:03 ----A---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll
2018-02-14 22:27:03 ----A---- C:\WINDOWS\system32\twinapi.dll
2018-02-14 22:27:03 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-02-14 22:27:03 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2018-02-14 22:27:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 22:27:02 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2018-02-14 22:27:02 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2018-02-14 22:27:02 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 22:27:02 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-14 22:27:02 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-02-14 22:27:01 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2018-02-14 22:27:01 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2018-02-14 22:27:01 ----A---- C:\WINDOWS\system32\WebClnt.dll
2018-02-14 22:27:01 ----A---- C:\WINDOWS\system32\sud.dll
2018-02-14 22:27:01 ----A---- C:\WINDOWS\system32\netlogon.dll
2018-02-14 22:27:01 ----A---- C:\WINDOWS\system32\mmcbase.dll
2018-02-14 22:27:00 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2018-02-14 22:27:00 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2018-02-14 22:26:59 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2018-02-14 22:26:59 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2018-02-14 22:26:59 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-02-14 22:26:59 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-02-14 22:26:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 22:26:58 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2018-02-14 22:26:58 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-14 22:26:58 ----A---- C:\WINDOWS\system32\srchadmin.dll
2018-02-14 22:26:58 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-14 22:26:58 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-14 22:26:58 ----A---- C:\WINDOWS\system32\hgcpl.dll
2018-02-14 22:26:58 ----A---- C:\WINDOWS\system32\davclnt.dll
2018-02-14 22:26:57 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-02-14 22:26:57 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2018-02-14 22:26:57 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-02-14 22:26:57 ----A---- C:\WINDOWS\system32\themecpl.dll
2018-02-14 22:26:57 ----A---- C:\WINDOWS\system32\shsetup.dll
2018-02-14 22:26:56 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-02-14 22:26:56 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-02-14 22:26:56 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2018-02-14 22:26:55 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-02-14 22:26:55 ----A---- C:\WINDOWS\system32\ListSvc.dll
2018-02-14 22:26:55 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-02-14 22:26:55 ----A---- C:\WINDOWS\system32\authz.dll
2018-02-14 22:26:54 ----A---- C:\WINDOWS\SYSWOW64\shsetup.dll
2018-02-14 22:26:54 ----A---- C:\WINDOWS\system32\stobject.dll
2018-02-14 22:26:54 ----A---- C:\WINDOWS\system32\netplwiz.dll
2018-02-14 22:26:54 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-02-14 22:26:54 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2018-02-14 22:26:53 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2018-02-14 22:26:53 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2018-02-14 22:26:53 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-14 22:26:53 ----A---- C:\WINDOWS\system32\FontProvider.dll
2018-02-14 22:26:50 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-02-14 22:26:49 ----A---- C:\WINDOWS\system32\themeui.dll
2018-02-14 22:26:48 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2018-02-14 22:26:48 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-02-14 22:26:48 ----A---- C:\WINDOWS\system32\bootux.dll
2018-02-14 22:26:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-02-14 22:26:47 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-14 22:26:47 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-02-14 22:26:47 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-14 22:26:47 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-14 22:26:46 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2018-02-14 22:26:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-14 22:26:46 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2018-02-14 22:26:46 ----A---- C:\WINDOWS\system32\regsvr32.exe
2018-02-14 22:26:46 ----A---- C:\WINDOWS\system32\ntshrui.dll
2018-02-14 22:26:45 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2018-02-14 22:26:44 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-14 22:26:43 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-14 22:26:43 ----A---- C:\WINDOWS\system32\fontext.dll
2018-02-14 22:26:42 ----A---- C:\WINDOWS\SYSWOW64\regsvr32.exe
2018-02-14 22:26:41 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2018-02-14 22:26:41 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2018-02-14 22:26:41 ----A---- C:\WINDOWS\system32\rshx32.dll
2018-02-14 22:26:41 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-02-14 22:26:40 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2018-02-14 22:26:40 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-02-14 22:26:40 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2018-02-14 22:26:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-14 22:26:39 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2018-02-14 22:26:39 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2018-02-14 22:26:39 ----A---- C:\WINDOWS\SYSWOW64\EnterpriseAppMgmtClient.dll
2018-02-14 22:26:39 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-14 22:26:39 ----A---- C:\WINDOWS\system32\LockScreenContent.dll
2018-02-14 22:26:38 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2018-02-14 22:26:38 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2018-02-14 22:26:38 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2018-02-14 22:26:38 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2018-02-14 22:26:38 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-02-14 22:26:38 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-14 22:26:37 ----A---- C:\WINDOWS\SYSWOW64\mmcbase.dll
2018-02-14 22:26:36 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-14 22:26:34 ----A---- C:\WINDOWS\system32\twext.dll
2018-02-14 22:26:34 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-02-14 22:26:33 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2018-02-14 22:26:33 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-02-14 22:26:33 ----A---- C:\WINDOWS\system32\dsreg.dll
2018-02-14 22:26:32 ----A---- C:\WINDOWS\system32\rstrui.exe
2018-02-14 22:26:32 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-02-14 22:26:29 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-02-14 22:26:29 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2018-02-14 22:26:28 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-02-14 22:26:28 ----A---- C:\WINDOWS\SYSWOW64\srchadmin.dll
2018-02-14 22:26:28 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2018-02-14 22:26:28 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2018-02-14 22:26:28 ----A---- C:\WINDOWS\system32\wups2.dll
2018-02-14 22:26:28 ----A---- C:\WINDOWS\system32\winsku.dll
2018-02-14 22:26:28 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-02-14 22:26:28 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2018-02-14 22:26:27 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-02-14 22:26:27 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeHelper.dll
2018-02-14 22:26:27 ----A---- C:\WINDOWS\system32\winsrv.dll
2018-02-14 22:26:27 ----A---- C:\WINDOWS\system32\tzres.dll
2018-02-14 22:26:26 ----A---- C:\WINDOWS\SYSWOW64\user.exe

======List of files/folders modified in the last 1 month======

2018-03-11 12:46:01 ----D---- C:\WINDOWS\Prefetch
2018-03-11 12:45:51 ----RD---- C:\Program Files
2018-03-11 12:45:42 ----D---- C:\WINDOWS\Temp
2018-03-11 12:39:55 ----D---- C:\Windows
2018-03-11 12:19:54 ----D---- C:\WINDOWS\system32\sru
2018-03-11 12:18:12 ----D---- C:\WINDOWS\system32\drivers
2018-03-11 12:17:43 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2018-03-11 12:01:05 ----D---- C:\Users\Pavel\AppData\Roaming\uTorrent
2018-03-11 11:54:04 ----AD---- C:\Program Files\CCleaner
2018-03-11 11:44:45 ----AD---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-03-11 11:44:44 ----D---- C:\ProgramData\Malwarebytes
2018-03-11 11:44:32 ----HD---- C:\ProgramData
2018-03-11 11:40:33 ----D---- C:\WINDOWS\INF
2018-03-11 11:33:57 ----D---- C:\WINDOWS\system32\Tasks
2018-03-10 20:55:36 ----D---- C:\WINDOWS\AppReadiness
2018-03-10 20:49:59 ----D---- C:\WINDOWS\system32\SleepStudy
2018-03-10 19:13:09 ----SHD---- C:\System Volume Information
2018-03-10 19:12:29 ----D---- C:\WINDOWS\Logs
2018-03-10 19:02:02 ----D---- C:\WINDOWS\DeliveryOptimization
2018-03-10 18:59:06 ----D---- C:\Program Files\WinRAR
2018-03-10 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-03-10 16:53:46 ----SHD---- C:\WINDOWS\Installer
2018-03-10 16:53:45 ----SHD---- C:\Config.Msi
2018-03-10 16:53:27 ----RD---- C:\Program Files (x86)\Skype
2018-03-10 16:53:27 ----D---- C:\Program Files (x86)\Common Files
2018-03-10 16:52:58 ----D---- C:\ProgramData\Skype
2018-03-10 16:52:38 ----D---- C:\WINDOWS\system32\config
2018-03-10 16:49:56 ----D---- C:\WINDOWS\System32
2018-03-10 16:47:47 ----D---- C:\Program Files (x86)\IrfanView
2018-03-10 14:17:33 ----RD---- C:\WINDOWS\Microsoft.NET
2018-03-09 19:01:16 ----HD---- C:\Program Files\WindowsApps
2018-03-04 21:59:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-02 16:23:18 ----DC---- C:\WINDOWS\Panther
2018-03-02 16:23:18 ----D---- C:\WINDOWS\LiveKernelReports
2018-03-02 16:23:18 ----D---- C:\WINDOWS\debug
2018-03-01 23:25:39 ----D---- C:\WINDOWS\system32\catroot2
2018-02-25 22:08:39 ----D---- C:\WINDOWS\SysWOW64
2018-02-22 22:20:16 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-22 22:20:12 ----D---- C:\WINDOWS\WinSxS
2018-02-18 12:34:29 ----D---- C:\WINDOWS\rescache
2018-02-15 22:20:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-15 22:20:03 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-02-15 22:16:47 ----D---- C:\WINDOWS\TextInput
2018-02-15 22:16:47 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-02-15 22:16:47 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-02-15 22:16:32 ----D---- C:\WINDOWS\system32\wbem
2018-02-15 22:16:32 ----D---- C:\WINDOWS\system32\oobe
2018-02-15 22:16:32 ----D---- C:\WINDOWS\system32\migration
2018-02-15 22:16:32 ----D---- C:\WINDOWS\system32\Boot
2018-02-15 22:16:32 ----D---- C:\WINDOWS\system32\appraiser
2018-02-15 22:16:18 ----D---- C:\WINDOWS\ShellExperiences
2018-02-15 22:16:15 ----D---- C:\WINDOWS\bcastdvr
2018-02-15 22:16:15 ----D---- C:\WINDOWS\apppatch
2018-02-15 22:15:57 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-02-14 23:33:20 ----D---- C:\ProgramData\Microsoft Help
2018-02-14 23:04:16 ----D---- C:\WINDOWS\system32\MRT
2018-02-14 22:53:47 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 22:53:35 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-02-14 22:42:24 ----D---- C:\WINDOWS\CbsTemp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-03-10 199440]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-03-10 343752]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-03-10 57680]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-03-10 84368]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-03-10 380528]
R0 iaStor;@oem4.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2010-01-15 538136]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2018-03-11 253664]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-03-10 196648]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-03-10 227504]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-03-10 215320]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-13 41832]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-03-10 110328]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-03-10 1026696]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-03-10 460520]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2018-01-18 76200]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-03-10 146656]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-03-10 205976]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-01-18 314016]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-01-18 43680]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2018-03-11 193248]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2017-09-29 7585280]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 FwLnk;@oem31.inf,%DiskServiceDesc%;FwLnk Driver; C:\WINDOWS\System32\drivers\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;@oem23.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-11-27 12311776]
R3 Impcd;Impcd; C:\WINDOWS\System32\drivers\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2017-09-29 121344]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2018-03-11 109800]
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [2018-03-11 45960]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2018-03-11 101600]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2018-01-01 176128]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2010-04-26 195584]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-03-10 46968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-02-10 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 PGEffect;Pangu effect driver; C:\WINDOWS\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2016-11-23 51392]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-26 202752]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-01-05 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2018-03-10 303728]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_3d2b6;Uživatelská služba platformy připojených zařízení_3d2b6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-03-03 6440736]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2017-09-30 26112]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 OneSyncSvc_3d2b6;Hostitel synchronizace_3d2b6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-02-10 519144]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\x64\aswidsagenta.exe [2018-03-10 7556704]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-01-22 673080]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PimIndexMaintenanceSvc_3d2b6;Data kontaktů_3d2b6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_3d2b6;Tok zařízení_3d2b6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-12-21 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_3d2b6;Služba zasílání zpráv_3d2b6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-02-11 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_3d2b6;PrintWorkflow_3d2b6; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-09-29 52856]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku, díky

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Scan (Skenovanie) a pockaj na dokoncenie
  • Klikni na Clean (Cistenie) a potvrd kliknutim na OK
  • AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
  • Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

pivli
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 08 čer 2009 19:38

Re: Prosím o preventivku, díky

#3 Příspěvek od pivli »

Ahoj :) Tady je log z Adwcleaner:

# AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 11 16:10:31 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\DAEMON Tools Toolbar


***** [ Files ] *****

Deleted: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\hlag1a4w.default\invalidprefs.js


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-4043362240-3129076905-3645850022-1000\Software\Video Player
Deleted: [Key] - HKCU\Software\Video Player
Deleted: [Key] - HKU\S-1-5-21-4043362240-3129076905-3645850022-1000\Software\Appscion
Deleted: [Key] - HKCU\Software\Appscion
Deleted: [Key] - HKU\S-1-5-21-4043362240-3129076905-3645850022-1000\Software\StartSearch
Deleted: [Key] - HKCU\Software\StartSearch
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Deleted: [Key] - HKU\S-1-5-21-4043362240-3129076905-3645850022-1000\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-4043362240-3129076905-3645850022-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2402 B] - [2018/3/11 16:9:33]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku, díky

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

pivli
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 08 čer 2009 19:38

Re: Prosím o preventivku, díky

#5 Příspěvek od pivli »

Ahoj, FRSTLauncher nesel stahnout,posilam logy.
Přílohy
addition+FRST.rar
(28.2 KiB) Staženo 63 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku, díky

#6 Příspěvek od Conder »

:arrow: Odinstaluj zastaralu verziu Javy (Java(TM) 6 Update 17). Ak Javu potrebujes, nainstaluj aktualnu verziu (momentalne Java 8 Update 161) z https://java.com/en/download/

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Users\Pavel\AppData\Roaming\inst.exe
    
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
    U3 idsvc; no ImagePath
    ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
    Task: {15C07ECC-2A1B-4EC3-9FD5-891B98F41564} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {173A0CDC-26E6-4A54-9990-957C4D7908D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {1B7D7CB5-8FC5-475E-98BA-ED741E00E616} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
    Task: {2D3CCE21-94CC-4FDD-ADEF-4293941E0C13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {2DE3711A-A8CF-487C-AEED-326F06A7B8A1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {3C7ACF56-1A4B-443A-87E3-1C7C95A18607} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {678586B4-3154-4E8B-A545-CF7A074EA306} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {747E382D-CB95-41A2-B49B-C7836D192224} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {87789208-25D4-4BB1-A262-8BFDF2CED88E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {AACB1F16-497F-4D15-BC11-00D127D8ACD3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
    Task: {D0D721BF-7388-4DC9-A352-55B52668330D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {E4658DD1-140C-4475-949F-A6B5FD470E59} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {E7C637B5-C525-49E7-AEA8-6C400702991E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {E8D35C63-54F5-4721-B21D-3E633AA8E4E8} - \ConfigFree Startup Programs -> No File <==== ATTENTION
    Task: {F747AA60-0001-49FE-9817-0F559F098A4F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    
    DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
    DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startup
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

pivli
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 08 čer 2009 19:38

Re: Prosím o preventivku, díky

#7 Příspěvek od pivli »

Fix result of Farbar Recovery Scan Tool (x64) Version: 13.03.2018
Ran by Pavel (13-03-2018 16:06:48) Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available Profiles: Pavel & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Pavel\AppData\Roaming\inst.exe

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
U3 idsvc; no ImagePath
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {15C07ECC-2A1B-4EC3-9FD5-891B98F41564} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {173A0CDC-26E6-4A54-9990-957C4D7908D7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {1B7D7CB5-8FC5-475E-98BA-ED741E00E616} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {2D3CCE21-94CC-4FDD-ADEF-4293941E0C13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2DE3711A-A8CF-487C-AEED-326F06A7B8A1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3C7ACF56-1A4B-443A-87E3-1C7C95A18607} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {678586B4-3154-4E8B-A545-CF7A074EA306} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {747E382D-CB95-41A2-B49B-C7836D192224} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {87789208-25D4-4BB1-A262-8BFDF2CED88E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {AACB1F16-497F-4D15-BC11-00D127D8ACD3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {D0D721BF-7388-4DC9-A352-55B52668330D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E4658DD1-140C-4475-949F-A6B5FD470E59} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E7C637B5-C525-49E7-AEA8-6C400702991E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E8D35C63-54F5-4721-B21D-3E633AA8E4E8} - \ConfigFree Startup Programs -> No File <==== ATTENTION
Task: {F747AA60-0001-49FE-9817-0F559F098A4F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startup

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Pavel\AppData\Roaming\inst.exe ========================

C:\Users\Pavel\AppData\Roaming\inst.exe
File is digitally signed
MD5: 16E53BFC96CE14021C0E07EB1C198478
Creation and modification date: 2012-05-31 21:04 - 2012-05-31 21:04
Size: 000099384
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/124f371 ... 520235872/

====== End of File: ======

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => removed successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15C07ECC-2A1B-4EC3-9FD5-891B98F41564}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15C07ECC-2A1B-4EC3-9FD5-891B98F41564}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{173A0CDC-26E6-4A54-9990-957C4D7908D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{173A0CDC-26E6-4A54-9990-957C4D7908D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1B7D7CB5-8FC5-475E-98BA-ED741E00E616}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B7D7CB5-8FC5-475E-98BA-ED741E00E616}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D3CCE21-94CC-4FDD-ADEF-4293941E0C13}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D3CCE21-94CC-4FDD-ADEF-4293941E0C13}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DE3711A-A8CF-487C-AEED-326F06A7B8A1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DE3711A-A8CF-487C-AEED-326F06A7B8A1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C7ACF56-1A4B-443A-87E3-1C7C95A18607}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C7ACF56-1A4B-443A-87E3-1C7C95A18607}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{678586B4-3154-4E8B-A545-CF7A074EA306}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{678586B4-3154-4E8B-A545-CF7A074EA306}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{747E382D-CB95-41A2-B49B-C7836D192224}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{747E382D-CB95-41A2-B49B-C7836D192224}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{87789208-25D4-4BB1-A262-8BFDF2CED88E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87789208-25D4-4BB1-A262-8BFDF2CED88E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AACB1F16-497F-4D15-BC11-00D127D8ACD3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AACB1F16-497F-4D15-BC11-00D127D8ACD3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0D721BF-7388-4DC9-A352-55B52668330D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0D721BF-7388-4DC9-A352-55B52668330D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4658DD1-140C-4475-949F-A6B5FD470E59}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4658DD1-140C-4475-949F-A6B5FD470E59}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7C637B5-C525-49E7-AEA8-6C400702991E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7C637B5-C525-49E7-AEA8-6C400702991E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E8D35C63-54F5-4721-B21D-3E633AA8E4E8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8D35C63-54F5-4721-B21D-3E633AA8E4E8}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConfigFree Startup Programs => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F747AA60-0001-49FE-9817-0F559F098A4F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F747AA60-0001-49FE-9817-0F559F098A4F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startup => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 74192509 B
Java, Flash, Steam htmlcache => 1080 B
Windows/system/drivers => 128372768 B
Edge => 402 B
Chrome => 236242 B
Firefox => 321721852 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 78055826 B
NetworkService => 142065424 B
Pavel => 28698108 B
DefaultAppPool => 16674 B

RecycleBin => 108388 B
EmptyTemp: => 744.7 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-03-2018 16:14:19)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConfigFree Startup Programs => could not remove. Access Denied.

==== End of Fixlog 16:14:19 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku, díky

#8 Příspěvek od Conder »

:arrow: Vyzera to uz OK. Su este s PC nejake problemy?

:arrow: Ak nie, tak este upraceme po pouzitych nastrojoch: :arrow: Skontroluj velkost plochy (C:\Users\Pavel\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

pivli
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 08 čer 2009 19:38

Re: Prosím o preventivku, díky

#9 Příspěvek od pivli »

Všechno v pohodě :) Moc děkuju za pomoc!!!! :)

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivku, díky

#10 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno