RSIT preventive check

psychoSVK
Visitor
Posts: 84
Registered: 08 Jun 2007 17:47

#1 Post by psychoSVK »

Good day, I would like to ask for a preventive check of my log; recently I have noticed the system slowing down and occasionally freezing.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Matúš Cehlár at 2018-01-26 11:29:34
Microsoft Windows 8.1
System drive C: has 14 GB (6%) free of 228 GB
Total RAM: 8053 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:35:04, on 26.1.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\ProgramData\Battle.net\Agent\Agent.6017\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files (x86)\Battle.net\Battle.net.9766\Battle.net Helper.exe
C:\Program Files (x86)\Battle.net\Battle.net.9766\Battle.net Helper.exe
C:\Program Files\trend micro\Matúš Cehlár.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 0118__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Spotify] C:\Users\Matúš Cehlár\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-205 207 Series"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Matúš Cehlár\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Bitdefender Product Agent Service (ProductAgentService) - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9036 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe" /service
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {72b3b1d7-a7c5-4950-8fbcd1c728a0b18b}
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service
C:\WINDOWS\system32\EscSvc64.exe
taskhostex.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
"C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Matúš Cehlár\AppData\Local\Steam\htmlcache" "-steampid=5964" "-buildid=1513371133" "-steamid=0" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Matúš Cehlár\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\Matúš Cehlár\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x218,0x230,0x234,0x21c,0x238,0x6aa781a4,0x6aa781b4,0x6aa781c4
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --service-pipe-token=ADC02F6E2F5ADDD9FCA0AA11D673CC8C --enable-blink-features=ResizeObserver --lang=en-US --lang=sk-SK --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback.host/* --disable-spell-checking --buildid=1513371133 --steamid=0 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=ADC02F6E2F5ADDD9FCA0AA11D673CC8C --renderer-client-id=2 
--mojo-platform-channel-handle=1604 /prefetch:1
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --service-pipe-token=90D5C30A36EB514FB0AD7960241D0195 --lang=en-US --lang=en-US --log-file="C:\Users\Matúš Cehlár\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=90D5C30A36EB514FB0AD7960241D0195 --renderer-client-id=2 --mojo-platform-channel-handle=1504 /prefetch:1
"C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe "
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{45BA127D-10A8-46EA-8AB7-56EA9078943C}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.18874_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
"C:\ProgramData\Battle.net\Agent\Agent.6017\Agent.exe" --locale=enUS --session=9220769384644359799
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Battle.net\Battle.net.exe" "--gamepath=C:\Program Files (x86)\World of Warcraft" --game=wow_enus
"Battle.net Helper.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Matúš Cehlár\AppData\Local\Battle.net\Logs\libcef-20180126T101821.436061.log" --log-severity=error --product-version="Battle.net/1.10.0.9766 Chrome/62.0.3202.94" --gpu-vendor-id=0x10de --gpu-device-id=0x13c2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.9065 --gpu-driver-date=1-3-2018 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0412 --lang=en-US --log-file="C:\Users\Matúš Cehlár\AppData\Local\Battle.net\Logs\libcef-20180126T101821.436061.log" --log-severity=error --product-version="Battle.net/1.10.0.9766 Chrome/62.0.3202.94" --service-request-channel-token=AC5B9F5000E91CD536B9C9592F66290F --mojo-platform-channel-handle=2404 /prefetch:2
"Battle.net Helper.exe" --type=renderer --no-sandbox --service-pipe-token=42113DDB3E4FF2841CE0F4C9FFB4DCD8 --lang=en-US --lang=en-US --log-file="C:\Users\Matúš Cehlár\AppData\Local\Battle.net\Logs\libcef-20180126T101821.436061.log" --log-severity=error --product-version="Battle.net/1.10.0.9766 Chrome/62.0.3202.94" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=42113DDB3E4FF2841CE0F4C9FFB4DCD8 --renderer-client-id=3 --mojo-platform-channel-handle=3520 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.132 --initial-client-data=0x118,0x11c,0x120,0x114,0x124,0x7ffe818f5720,0x7ffe818f5760,0x7ffe818f5738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5504 --on-initialized-event-handle=472 --parent-handle=484 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --gpu-vendor-id=0x10de --gpu-device-id=0x13c2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.9065 --gpu-driver-date=1-3-2018 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0412 --service-request-channel-token=C02EA7473E6CB8CCC8DE63CFF8FD19E9 --mojo-platform-channel-handle=1260 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=2235EF35293C278F10DEDF0E97775537 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=2235EF35293C278F10DEDF0E97775537 --renderer-client-id=4 --mojo-platform-channel-handle=2776 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=13926B04BCD009013401A2D1D0B9F03F --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=13926B04BCD009013401A2D1D0B9F03F --renderer-client-id=5 --mojo-platform-channel-handle=3068 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=74EC3DD1BB438BF2798952DB1A3F9371 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=74EC3DD1BB438BF2798952DB1A3F9371 --renderer-client-id=6 --mojo-platform-channel-handle=3128 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=FC36C8DE00836346CA341AC3DA7ADAA9 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=FC36C8DE00836346CA341AC3DA7ADAA9 --renderer-client-id=19 --mojo-platform-channel-handle=6044 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=1A76AB49318BAF8B664830E2F340F0C6 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=1A76AB49318BAF8B664830E2F340F0C6 --renderer-client-id=18 --mojo-platform-channel-handle=5992 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=F9FFB09280FB26644F3138F55FF83705 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=F9FFB09280FB26644F3138F55FF83705 --renderer-client-id=17 --mojo-platform-channel-handle=6820 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=08C555B37F5E0D2F4192BF00F62C5550 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=08C555B37F5E0D2F4192BF00F62C5550 --renderer-client-id=11 --mojo-platform-channel-handle=7588 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=23A46845B3C717B1AAD26178A109C6D5 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=23A46845B3C717B1AAD26178A109C6D5 --renderer-client-id=12 --mojo-platform-channel-handle=7532 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=8557AA7EA1031454B9253F9178BAF351 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=8557AA7EA1031454B9253F9178BAF351 --renderer-client-id=13 --mojo-platform-channel-handle=9084 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=582413E62F90E1D82BB98C4D6ABD02BA --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=582413E62F90E1D82BB98C4D6ABD02BA --renderer-client-id=14 --mojo-platform-channel-handle=9364 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=F9BFCD5700B360115A08BA2E5B60D067 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=F9BFCD5700B360115A08BA2E5B60D067 --renderer-client-id=15 --mojo-platform-channel-handle=9944 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=682ABBE2FCEF16CA656A1CD19A135B40 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=682ABBE2FCEF16CA656A1CD19A135B40 --renderer-client-id=16 --mojo-platform-channel-handle=10368 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=862629CEB80F712F6360E4C42F9C1F6A --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=862629CEB80F712F6360E4C42F9C1F6A --renderer-client-id=22 --mojo-platform-channel-handle=8664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1240,12152406678589930186,11478151468865004233,131072 --service-pipe-token=5586E4B938D5E99C29778B37230DFF8C --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=5586E4B938D5E99C29778B37230DFF8C --renderer-client-id=27 --mojo-platform-channel-handle=10848 /prefetch:1
"C:\Users\Matúš Cehlár\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Matúš Cehlár\AppData\Roaming\Mozilla\Firefox\Profiles\l8g5exje.default-1516348789297

prefs.js - "browser.search.useDBForOrder" - true

"bdwtwe@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender Security\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.161.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.161.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-01-22 654224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-01-22 588752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-19 474688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-19 188992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-01-22 654224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-01-22 588752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-01-22 441240]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-07-13 9230816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify"=C:\Users\Matúš Cehlár\AppData\Roaming\Spotify\Spotify.exe [2018-01-17 21099408]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [2014-12-12 283232]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-01-09 10257872]
"Spotify Web Helper"=C:\Users\Matúš Cehlár\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-01-17 780688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-01-26 11:29:34 ----D---- C:\rsit
2018-01-26 11:29:34 ----D---- C:\Program Files\trend micro
2018-01-25 12:41:42 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\Hard Disk Sentinel
2018-01-25 12:40:57 ----SHD---- C:\Config.Msi
2018-01-25 12:36:51 ----D---- C:\ProgramData\Binarysense
2018-01-25 12:36:41 ----D---- C:\Program Files (x86)\BinarySense
2018-01-25 12:13:13 ----D---- C:\TCCARGO
2018-01-23 23:02:12 ----D---- C:\WINDOWS\Minidump
2018-01-19 14:20:55 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\GHISLER
2018-01-19 08:53:59 ----D---- C:\Program Files\CCleaner
2018-01-18 22:31:40 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\uTorrent
2018-01-17 23:12:24 ----D---- C:\Program Files (x86)\Warcraft Logs Uploader
2018-01-10 21:49:18 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\GSplit
2018-01-10 21:49:16 ----D---- C:\Program Files (x86)\GSplit
2018-01-09 10:30:31 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-01-09 10:30:31 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-01-09 10:30:30 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2018-01-09 10:30:30 ----A---- C:\WINDOWS\system32\rascfg.dll
2018-01-09 10:30:29 ----A---- C:\WINDOWS\system32\shell32.dll
2018-01-09 10:30:28 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-01-09 10:30:28 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-01-09 10:30:28 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2018-01-09 10:30:27 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-01-09 10:30:26 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-09 10:30:26 ----A---- C:\WINDOWS\system32\win32k.sys
2018-01-09 10:30:26 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-01-09 10:30:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-01-09 10:30:25 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2018-01-09 10:30:25 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-01-09 10:30:24 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-01-09 10:30:24 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-01-09 10:30:24 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-01-09 10:30:24 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-01-09 10:30:24 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-01-09 10:30:23 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-01-09 10:30:23 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-01-09 10:30:23 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-01-09 10:30:23 ----A---- C:\WINDOWS\system32\wininet.dll
2018-01-09 10:30:23 ----A---- C:\WINDOWS\system32\combase.dll
2018-01-09 10:30:22 ----A---- C:\WINDOWS\system32\winresume.exe
2018-01-09 10:30:22 ----A---- C:\WINDOWS\system32\winload.exe
2018-01-09 10:30:22 ----A---- C:\WINDOWS\system32\ole32.dll
2018-01-09 10:30:22 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-01-09 10:30:21 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-01-09 10:30:21 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-01-09 10:30:21 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-01-09 10:30:21 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-01-09 10:30:21 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-01-09 10:30:21 ----A---- C:\WINDOWS\system32\hal.dll
2018-01-09 10:30:21 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-01-09 10:30:20 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-01-09 10:30:20 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-01-09 10:30:20 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-01-09 10:30:20 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-01-09 10:30:20 ----A---- C:\WINDOWS\system32\ieui.dll
2018-01-09 10:30:20 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-01-09 10:30:19 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-01-09 10:30:19 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-01-09 10:30:19 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-01-09 10:30:19 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-01-09 10:30:18 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-01-09 10:30:18 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-01-09 10:30:18 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-01-09 10:30:18 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-01-09 10:30:18 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2018-01-09 10:30:18 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2018-01-09 10:30:17 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-01-09 10:30:17 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-01-09 10:30:17 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-01-09 10:30:17 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-01-09 10:30:17 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-01-09 10:30:17 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2018-01-09 10:30:17 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-01-09 10:30:16 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-01-09 10:30:16 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2018-01-09 10:30:16 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-01-09 10:30:16 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-01-09 10:30:15 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-01-09 10:30:15 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-01-09 10:30:15 ----A---- C:\WINDOWS\system32\wow64.dll
2018-01-09 10:30:15 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-01-09 10:30:15 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-01-09 10:30:15 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\system32\nshwfp.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\system32\jscript.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\system32\certcli.dll
2018-01-09 10:30:14 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-01-09 10:30:13 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-01-09 10:30:13 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-01-09 10:30:13 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-01-09 10:30:13 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-01-09 10:30:13 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-01-09 10:30:13 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-01-09 10:30:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-01-09 10:30:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-01-09 10:30:12 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-01-09 10:30:12 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-01-09 10:30:12 ----A---- C:\WINDOWS\system32\WinTypes.dll
2018-01-09 10:30:12 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-09 10:30:12 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-01-09 10:30:12 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2018-01-09 10:30:11 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-01-09 10:30:11 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-01-09 10:30:11 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-01-09 10:30:11 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-01-09 10:30:11 ----A---- C:\WINDOWS\system32\msrating.dll
2018-01-09 10:30:11 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-01-09 10:30:11 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-01-09 10:30:11 ----A---- C:\WINDOWS\system32\drivers\pacer.sys
2018-01-09 10:30:09 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-01-09 10:30:09 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2018-01-09 10:30:09 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-01-09 10:30:09 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-01-09 10:30:09 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-01-09 10:30:09 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-01-09 10:30:09 ----A---- C:\WINDOWS\system32\fdWCN.dll
2018-01-09 10:30:09 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-01-09 10:30:09 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2018-01-09 10:30:08 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2018-01-09 10:30:08 ----A---- C:\WINDOWS\SYSWOW64\P2P.dll
2018-01-09 10:30:08 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-01-09 10:30:08 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-01-09 10:30:08 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-01-09 10:30:08 ----A---- C:\WINDOWS\system32\P2P.dll
2018-01-09 10:30:08 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-01-09 10:30:08 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-01-09 10:30:08 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2018-01-09 10:30:07 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-01-09 10:30:07 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-01-09 10:30:07 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-01-09 10:30:07 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2018-01-09 10:30:07 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-01-09 10:30:07 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2018-01-09 10:30:07 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2018-01-09 10:30:07 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-01-09 10:30:06 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\SYSWOW64\ntvdm64.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\SYSWOW64\fdWCN.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\system32\inseng.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-01-09 10:30:06 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-01-09 10:30:06 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-01-09 10:30:05 ----A---- C:\WINDOWS\SYSWOW64\wow32.dll
2018-01-09 10:30:05 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-01-09 10:30:05 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2018-01-09 10:30:05 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-01-09 10:30:05 ----A---- C:\WINDOWS\system32\atmlib.dll
2018-01-08 17:53:27 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2018-01-08 17:53:17 ----D---- C:\Program Files (x86)\VulkanRT
2018-01-08 17:53:17 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2018-01-08 17:53:17 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2018-01-08 17:53:17 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2018-01-08 17:53:17 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2018-01-08 17:52:20 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2018-01-08 17:51:00 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2018-01-08 17:51:00 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
2018-01-08 17:50:59 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2018-01-08 17:50:59 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2018-01-08 17:50:59 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-08 17:50:59 ----A---- C:\WINDOWS\system32\nvopencl.dll
2018-01-08 17:50:58 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2018-01-08 17:50:58 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2018-01-08 17:50:58 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2018-01-08 17:50:57 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2018-01-08 17:50:57 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2018-01-08 17:50:57 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2018-01-08 17:50:57 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2018-01-08 17:50:57 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2018-01-08 17:50:57 ----A---- C:\WINDOWS\system32\nvinitx.dll
2018-01-08 17:50:57 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-08 17:50:57 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2018-01-08 17:50:56 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2018-01-08 17:50:56 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2018-01-08 17:50:56 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2018-01-08 17:50:56 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2018-01-08 17:50:56 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2018-01-08 17:50:56 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2018-01-08 17:50:56 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-08 17:50:56 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-08 17:50:55 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2018-01-08 17:50:55 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2018-01-08 17:50:55 ----A---- C:\WINDOWS\system32\nvdispgenco6439065.dll
2018-01-08 17:50:55 ----A---- C:\WINDOWS\system32\nvdispco6439065.dll
2018-01-08 17:50:55 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2018-01-08 17:50:55 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2018-01-08 17:50:55 ----A---- C:\WINDOWS\system32\nvcuda.dll
2018-01-08 17:50:54 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2018-01-08 17:50:53 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2018-01-08 17:50:52 ----A---- C:\WINDOWS\system32\nvaudcaparm.dll
2018-01-08 17:50:52 ----A---- C:\WINDOWS\system32\drivers\nvvadarm.sys
2018-01-03 11:20:46 ----D---- C:\Simulationcraft(x64)
2018-01-03 10:54:08 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\SimulationCraft
2018-01-02 19:16:04 ----D---- C:\WINDOWS\system32\RTCOM
2018-01-02 19:15:51 ----D---- C:\Program Files\Realtek
2018-01-02 19:15:50 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2018-01-02 19:15:38 ----A---- C:\WINDOWS\system32\RtPgEx64.dll
2018-01-02 19:15:38 ----A---- C:\WINDOWS\system32\RtlCPAPI64.dll
2018-01-02 19:15:38 ----A---- C:\WINDOWS\system32\RtkCoLDR64.dll
2018-01-02 19:15:38 ----A---- C:\WINDOWS\system32\RtkCfg64.dll
2018-01-02 19:15:38 ----A---- C:\WINDOWS\system32\drivers\RTKVHD64.sys
2018-01-02 19:15:37 ----A---- C:\WINDOWS\system32\RtkApi64.dll
2018-01-02 19:15:37 ----A---- C:\WINDOWS\system32\RtDataProc64.dll
2018-01-02 19:15:37 ----A---- C:\WINDOWS\system32\RTCOM64.dll
2018-01-02 19:15:37 ----A---- C:\WINDOWS\system32\RltkAPO64.dll
2018-01-02 19:15:37 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT
2018-01-02 19:15:36 ----A---- C:\WINDOWS\system32\RCoRes64.dat
2018-01-02 19:15:36 ----A---- C:\WINDOWS\system32\RCoInstII64.dll
2018-01-02 19:15:36 ----A---- C:\WINDOWS\system32\R4EEP64A.dll
2018-01-02 19:15:36 ----A---- C:\WINDOWS\system32\R4EEL64A.dll
2018-01-02 19:15:36 ----A---- C:\WINDOWS\system32\R4EEG64A.dll
2018-01-02 19:15:36 ----A---- C:\WINDOWS\system32\R4EED64A.dll
2018-01-02 19:15:36 ----A---- C:\WINDOWS\system32\R4EEA64A.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-01-02 19:15:35 ----A---- C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-01-02 19:15:34 ----D---- C:\Program Files (x86)\Realtek
2018-01-02 19:15:34 ----A---- C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-01-02 19:15:34 ----A---- C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-01-02 19:15:34 ----A---- C:\WINDOWS\system32\DDPP64A.dll
2018-01-02 19:15:34 ----A---- C:\WINDOWS\system32\DDPO64A.dll
2018-01-02 19:15:34 ----A---- C:\WINDOWS\system32\DDPD64A.dll
2018-01-02 19:15:34 ----A---- C:\WINDOWS\system32\DDPA64.dll
2018-01-02 19:15:34 ----A---- C:\WINDOWS\system32\audioLibVc.dll
2018-01-02 19:15:34 ----A---- C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-01-02 19:15:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2018-01-02 19:15:32 ----HD---- C:\Program Files (x86)\Temp
2018-01-02 19:15:32 ----A---- C:\WINDOWS\RtlExUpd.dll

======List of files/folders modified in the last 1 month======

2018-01-26 11:29:34 ----RD---- C:\Program Files
2018-01-26 11:21:53 ----D---- C:\WINDOWS\Temp
2018-01-26 11:21:11 ----D---- C:\Program Files (x86)\World of Warcraft
2018-01-26 11:18:21 ----D---- C:\Program Files (x86)\Battle.net
2018-01-26 11:00:00 ----D---- C:\WINDOWS\system32\sru
2018-01-26 10:48:39 ----D---- C:\WINDOWS\system32\drivers\etc
2018-01-26 10:27:49 ----D---- C:\WINDOWS\System32
2018-01-26 10:27:49 ----D---- C:\WINDOWS\Inf
2018-01-26 10:27:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-26 10:27:08 ----D---- C:\WINDOWS\Prefetch
2018-01-26 10:22:13 ----D---- C:\Program Files (x86)\Steam
2018-01-26 10:21:56 ----D---- C:\ProgramData\NVIDIA
2018-01-26 10:20:32 ----D---- C:\WINDOWS\LiveKernelReports
2018-01-26 09:56:03 ----D---- C:\WINDOWS\Microsoft.NET
2018-01-25 23:04:41 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\obs-studio
2018-01-25 20:48:41 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\Spotify
2018-01-25 20:26:27 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\Twitch
2018-01-25 12:40:57 ----SHD---- C:\WINDOWS\Installer
2018-01-25 12:36:51 ----HD---- C:\ProgramData
2018-01-25 12:36:41 ----RD---- C:\Program Files (x86)
2018-01-25 12:36:39 ----SHD---- C:\System Volume Information
2018-01-24 19:17:28 ----A---- C:\bdlog.txt
2018-01-24 13:55:11 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\vlc
2018-01-24 09:15:59 ----D---- C:\WINDOWS\system32\Tasks
2018-01-24 09:15:59 ----D---- C:\Program Files\Opera
2018-01-24 08:38:18 ----D---- C:\Windows
2018-01-23 23:02:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-23 22:14:46 ----D---- C:\Program Files (x86)\Overwatch
2018-01-23 20:10:29 ----D---- C:\Program Files\Mozilla Firefox
2018-01-23 19:29:14 ----RD---- C:\Users
2018-01-23 17:05:50 ----D---- C:\WINDOWS\system32\drivers
2018-01-22 00:07:24 ----D---- C:\WINDOWS\system32\DriverStore
2018-01-19 14:21:02 ----D---- C:\totalcmd
2018-01-19 14:19:12 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-01-19 14:19:11 ----SD---- C:\ProgramData\Microsoft
2018-01-19 09:18:22 ----D---- C:\WINDOWS\SoftwareDistribution
2018-01-19 09:05:38 ----D---- C:\ProgramData\Oracle
2018-01-19 09:03:30 ----D---- C:\WINDOWS\SysWOW64
2018-01-19 09:03:30 ----D---- C:\Program Files (x86)\Java
2018-01-19 09:03:27 ----D---- C:\Program Files (x86)\Common Files
2018-01-19 09:03:19 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2018-01-19 09:00:38 ----DC---- C:\WINDOWS\Panther
2018-01-19 09:00:38 ----D---- C:\WINDOWS\Logs
2018-01-19 09:00:38 ----D---- C:\WINDOWS\debug
2018-01-18 22:32:17 ----SD---- C:\Users\Matúš Cehlár\AppData\Roaming\Microsoft
2018-01-18 22:32:00 ----RSD---- C:\WINDOWS\assembly
2018-01-17 19:19:19 ----D---- C:\WINDOWS\system32\config
2018-01-16 18:39:38 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\Battle.net
2018-01-11 09:51:43 ----D---- C:\WINDOWS\rescache
2018-01-11 09:40:05 ----D---- C:\WINDOWS\WinSxS
2018-01-11 09:39:37 ----D---- C:\WINDOWS\system32\catroot2
2018-01-10 09:27:58 ----D---- C:\WINDOWS\CbsTemp
2018-01-10 09:27:57 ----D---- C:\WINDOWS\system32\MRT
2018-01-10 09:27:01 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 09:26:59 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-01-09 18:58:46 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\discord
2018-01-09 14:37:32 ----RD---- C:\WINDOWS\ToastData
2018-01-09 14:37:32 ----D---- C:\WINDOWS\system32\Boot
2018-01-09 14:37:32 ----D---- C:\WINDOWS\apppatch
2018-01-09 14:37:32 ----D---- C:\Program Files\Internet Explorer
2018-01-09 14:37:32 ----D---- C:\Program Files (x86)\Internet Explorer
2018-01-08 17:53:50 ----D---- C:\Program Files\NVIDIA Corporation
2018-01-08 17:53:41 ----D---- C:\ProgramData\NVIDIA Corporation
2018-01-08 17:52:20 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-01-05 09:37:32 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2018-01-04 02:39:57 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2018-01-04 02:39:57 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2018-01-04 02:39:57 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2018-01-04 02:39:57 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2018-01-04 02:39:57 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2018-01-04 02:39:57 ----A---- C:\WINDOWS\system32\nvmcvadgenco64.dll
2018-01-04 02:39:57 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-01-04 02:39:57 ----A---- C:\WINDOWS\system32\nvapi64.dll
2018-01-04 01:33:21 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-01-04 00:50:40 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2018-01-04 00:50:40 ----A---- C:\WINDOWS\system32\nvcpl.dll
2018-01-04 00:50:39 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2018-01-04 00:50:39 ----A---- C:\WINDOWS\system32\nvshext.dll
2018-01-04 00:50:38 ----A---- C:\WINDOWS\system32\nvmctray.dll
2018-01-04 00:50:38 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-04 00:50:38 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2018-01-02 11:55:03 ----D---- C:\Users\Matúš Cehlár\AppData\Roaming\Samsung
2018-01-01 16:22:46 ----D---- C:\WINDOWS\AppReadiness

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2018-01-22 1765336]
R0 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [2017-10-09 47376]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2017-05-11 187688]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2018-01-22 338744]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2017-04-11 439576]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-11-21 157016]
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys [2018-01-22 1058784]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2017-06-06 133088]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2015-01-30 11576]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2017-07-13 5863904]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-05-26 30512]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NVHDA;@oem25.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2018-01-04 226760]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2018-01-04 17303112]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-11-16 50808]
R3 NVVADARM;@oem3.inf,%NVVADARM.SvcDesc%;NVIDIA Miracast Audio; C:\WINDOWS\system32\drivers\nvvadarm.sys [2018-01-04 47088]
R3 nvvhci;@oem11.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-11-16 57976]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-11-21 121088]
R3 VBAudioVMVAIOMME;@oem19.inf,%DeviceName% (WDM);VB-Audio VoiceMeeter VAIO (WDM); C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [2017-12-06 41192]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-05-26 42288]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-11-16 30328]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
S3 WinUsb;@wudfusbcciddriver.inf,%WinUsb_Service_DisplayName%;WinUSB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2015-10-10 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2017-09-26 2119184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2011-12-12 135824]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-09 355232]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16 519288]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-01-04 464744]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-11-16 460920]
R2 ProductAgentService;Bitdefender Product Agent Service; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-06-21 1269824]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [2017-12-01 143664]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [2018-01-22 118096]
R2 VSSERV;Bitdefender Virus Shield; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [2018-01-25 1170712]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-20 153168]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-12-12 6971400]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-20 153168]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-01-23 194512]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16 519288]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: RSIT preventive check

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan (Skenovanie) and wait for it to finish
  • Click Clean (Cistenie) and confirm by clicking OK
  • AdwCleaner will ask to restart the PC; confirm by clicking Restart Now (Restartovat teraz)
  • After it finishes and the PC has restarted, a log will pop up; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

psychoSVK
Visitor
Posts: 84
Joined: 08 Jun 2007 17:47

Re: RSIT preventive check

#3 Post by psychoSVK »

No log was displayed after the restart.

Through AdwCleaner I only managed to get to this log:

# AdwCleaner 7.0.7.0 - Logfile created on Sun Jan 28 11:15:41 2018
# Updated on 2018/18/01 by Malwarebytes
# Database: 01-16-2018.1
# Running on Windows 8.1 (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WebCompanion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


***** [ Files ] *****

PUP.Optional.WinBing, C:\Program Files\MOZILLA FIREFOX\DSENGINE.CFG
PUP.Optional.WinBing, C:\Program Files\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: RSIT preventive check

#4 Post by Conder »

:arrow: If you also clicked Clean, try to find the log manually; it should be in the folder "C:\AdwCleaner" under the name "AdwCleaner[C0].txt" - copy its contents here.

:arrow: Please post a log from FRST following this guide (paste both logs here): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

psychoSVK
Visitor
Posts: 84
Joined: 08 Jun 2007 17:47

Re: RSIT preventive check

#5 Post by psychoSVK »

# AdwCleaner 7.0.7.0 - Logfile created on Sun Jan 28 11:16:06 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


***** [ Files ] *****

Deleted: C:\Program Files\\MOZILLA FIREFOX\DSENGINE.CFG
Deleted: C:\Program Files\\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1482 B] - [2018/1/28 11:15:41]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########



FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Matúš Cehlár (administrator) on MATUS-PC (28-01-2018 17:12:02)
Running from C:\Users\Matúš Cehlár\Desktop
Loaded Profiles: Matúš Cehlár (Available Profiles: Matúš Cehlár)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Discord Inc.) C:\Users\Matúš Cehlár\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Matúš Cehlár\AppData\Local\Discord\app-0.0.300\Discord.exe
(Discord Inc.) C:\Users\Matúš Cehlár\AppData\Local\Discord\app-0.0.300\Discord.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6017\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9766\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9766\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [441240 2018-01-22] (Bitdefender)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230816 2017-07-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [eID_klient] => C:\Program Files (x86)\eID klient\eID_klient.exe [6357560 2017-04-11] (Plaut Slovensko, s.r.o.)
HKLM-x32\...\Run: [eIDCertPropagator] => C:\Program Files (x86)\eID klient\eIDCertPropagator.exe [532032 2016-05-18] ()
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\Run: [Spotify] => C:\Users\Matúš Cehlár\AppData\Roaming\Spotify\Spotify.exe [21099408 2018-01-17] (Spotify Ltd)
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2014-12-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\Run: [Spotify Web Helper] => C:\Users\Matúš Cehlár\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-17] (Spotify Ltd)
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\MountPoints2: F - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\MountPoints2: {0bc1cb03-fcab-11e7-825f-fcaa145c5559} - "F:\Lenovo_Suite.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E3D9EA0E-7B05-40A9-A4F0-46D444064C96}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180118__yaie
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3036961284-2193080759-2993534940-1004 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180118__yaie&p={searchTerms}
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-01-22] (Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-01-22] (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-19] (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-01-22] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-01-22] (Bitdefender)

FireFox:
========
FF DefaultProfile: l8g5exje.default-1516348789297
FF ProfilePath: C:\Users\Matúš Cehlár\AppData\Roaming\Mozilla\Firefox\Profiles\l8g5exje.default-1516348789297 [2018-01-28]
FF Session Restore: Mozilla\Firefox\Profiles\l8g5exje.default-1516348789297 -> is enabled.
FF Extension: (Hoxx VPN Proxy) - C:\Users\Matúš Cehlár\AppData\Roaming\Mozilla\Firefox\Profiles\l8g5exje.default-1516348789297\Extensions\@hoxx-vpn.xpi [2018-01-19]
FF Extension: (WebRTC Leak Shield) - C:\Users\Matúš Cehlár\AppData\Roaming\Mozilla\Firefox\Profiles\l8g5exje.default-1516348789297\Extensions\@webrtc-leak-shield.xpi [2018-01-19]
FF Extension: (Tile Tabs WE) - C:\Users\Matúš Cehlár\AppData\Roaming\Mozilla\Firefox\Profiles\l8g5exje.default-1516348789297\Extensions\tiletabs-we@DW-dev.xpi [2018-01-19]
FF Extension: (Adblock Plus) - C:\Users\Matúš Cehlár\AppData\Roaming\Mozilla\Firefox\Profiles\l8g5exje.default-1516348789297\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-19]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2017-11-08]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2017-11-08] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-30] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-19] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default [2018-01-28]
CHR Extension: (Prezentácie) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-20]
CHR Extension: (Dokumenty) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-20]
CHR Extension: (Disk Google) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-20]
CHR Extension: (YouTube) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-20]
CHR Extension: (Adblock Plus) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-26]
CHR Extension: (Tabuľky) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-20]
CHR Extension: (Bitdefender Wallet) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2017-12-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-20]
CHR Extension: (AdBlock) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-01-27]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-01-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-20]
CHR Extension: (One Window) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\papnlnnbddhckngcblfljaelgceffobn [2017-12-20]
CHR Extension: (Gmail) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\Matúš Cehlár\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-20]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2119184 2017-09-26] (Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-12] ()
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519288 2017-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519288 2017-11-16] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2017-12-01] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [118096 2018-01-22] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1170712 2018-01-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1058784 2018-01-22] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1765336 2018-01-22] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-06-06] (BitDefender LLC)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47376 2017-10-09] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [338744 2018-01-22] (Bitdefender)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-11-16] (NVIDIA Corporation)
R3 NVVADARM; C:\WINDOWS\system32\drivers\nvvadarm.sys [47088 2018-01-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-11-16] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-11-16] (NVIDIA Corporation)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-04-11] (BitDefender S.R.L.)
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-12-06] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-28 17:12 - 2018-01-28 17:12 - 000018814 _____ C:\Users\Matúš Cehlár\Desktop\FRST.txt
2018-01-28 17:11 - 2018-01-28 17:12 - 000000000 ____D C:\FRST
2018-01-28 17:11 - 2018-01-28 17:11 - 002393088 _____ (Farbar) C:\Users\Matúš Cehlár\Desktop\FRST64.exe
2018-01-28 12:14 - 2018-01-28 12:18 - 000000000 ____D C:\AdwCleaner
2018-01-27 14:33 - 2018-01-27 14:33 - 000326559 _____ C:\Users\Matúš Cehlár\Desktop\4752293300_45100873_VYK_NED.pdf
2018-01-27 14:30 - 2018-01-28 10:48 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-01-27 14:30 - 2018-01-27 14:30 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Plaut Slovensko s.r.o
2018-01-27 14:29 - 2018-01-27 14:29 - 000002479 _____ C:\Users\Public\Desktop\eID Certificate Propagator.lnk
2018-01-27 14:29 - 2018-01-27 14:29 - 000002461 _____ C:\Users\Public\Desktop\eID klient manual.lnk
2018-01-27 14:29 - 2018-01-27 14:29 - 000002425 _____ C:\Users\Public\Desktop\eID klient.lnk
2018-01-27 14:29 - 2018-01-27 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eID klient
2018-01-27 14:29 - 2018-01-27 14:29 - 000000000 ____D C:\Program Files (x86)\eID klient
2018-01-27 14:11 - 2018-01-27 14:11 - 008206624 _____ (Malwarebytes) C:\Users\Matúš Cehlár\Desktop\adwcleaner_7.0.7.0.exe
2018-01-26 11:29 - 2018-01-26 11:35 - 000000000 ____D C:\rsit
2018-01-26 11:29 - 2018-01-26 11:35 - 000000000 ____D C:\Program Files\trend micro
2018-01-26 11:26 - 2018-01-26 11:26 - 001222144 _____ C:\Users\Matúš Cehlár\Desktop\RSITx64.exe
2018-01-25 12:41 - 2018-01-25 12:41 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Hard Disk Sentinel
2018-01-25 12:36 - 2018-01-25 12:36 - 000000000 ____D C:\ProgramData\Binarysense
2018-01-25 12:36 - 2018-01-25 12:36 - 000000000 ____D C:\Program Files (x86)\BinarySense
2018-01-25 12:13 - 2018-01-25 12:13 - 000000435 _____ C:\Users\Matúš Cehlár\Desktop\TC Login.lnk
2018-01-25 12:13 - 2018-01-25 12:13 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TimoCom
2018-01-25 12:13 - 2018-01-25 12:13 - 000000000 ____D C:\TCCARGO
2018-01-25 11:54 - 2018-01-25 11:54 - 000067814 _____ C:\Users\Matúš Cehlár\Downloads\ebill_8200121046.pdf
2018-01-25 11:45 - 2018-01-25 11:45 - 000095112 _____ C:\Users\Matúš Cehlár\Downloads\img-125124617.pdf
2018-01-24 12:51 - 2018-01-24 12:51 - 000000000 ____D C:\Users\Matúš Cehlár\Desktop\DCIM
2018-01-23 23:02 - 2018-01-23 23:02 - 000424496 _____ C:\WINDOWS\Minidump\012318-7828-01.dmp
2018-01-23 23:02 - 2018-01-23 23:02 - 000000000 ____D C:\WINDOWS\Minidump
2018-01-23 19:29 - 2018-01-23 19:29 - 000000000 ____D C:\Users\Matᅢ챼ᄀ Cehlᅢᄀr\AppData\Roaming\obs-studio
2018-01-23 19:29 - 2018-01-23 19:29 - 000000000 ____D C:\Users\Matᅢ챼ᄀ Cehlᅢᄀr
2018-01-19 14:21 - 2018-01-19 14:21 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Local\GHISLER
2018-01-19 14:20 - 2018-01-19 14:20 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-01-19 14:20 - 2018-01-19 14:20 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\GHISLER
2018-01-19 14:19 - 2018-01-19 14:19 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-01-19 14:19 - 2018-01-19 14:19 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-01-19 08:54 - 2018-01-19 08:54 - 000003872 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-01-19 08:54 - 2018-01-19 08:54 - 000002804 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-01-19 08:54 - 2018-01-19 08:54 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-01-19 08:54 - 2018-01-19 08:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-01-19 08:53 - 2018-01-19 08:54 - 000000000 ____D C:\Program Files\CCleaner
2018-01-18 22:31 - 2018-01-28 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-01-18 22:31 - 2018-01-27 18:30 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\uTorrent
2018-01-18 22:31 - 2018-01-18 22:31 - 000000866 _____ C:\Users\Matúš Cehlár\Desktop\µTorrent.lnk
2018-01-18 22:30 - 2018-01-18 22:30 - 000015566 _____ C:\Users\Matúš Cehlár\Downloads\[CzT]Fantasticka_zvirata_a_kde_je_najit_Fantastic_Beasts_and_Where_to_Find_Them_2016_CZ_.torrent
2018-01-17 23:12 - 2018-01-17 23:12 - 000000000 ____D C:\Program Files (x86)\Warcraft Logs Uploader
2018-01-10 22:03 - 2018-01-10 22:03 - 367001600 _____ C:\Users\Matúš Cehlár\Documents\disk3.gsd
2018-01-10 22:03 - 2018-01-10 22:03 - 367001600 _____ C:\Users\Matúš Cehlár\Documents\disk2.gsd
2018-01-10 22:03 - 2018-01-10 22:03 - 366903296 _____ C:\Users\Matúš Cehlár\Documents\disk1.gsd
2018-01-10 22:03 - 2018-01-10 22:03 - 102440811 _____ C:\Users\Matúš Cehlár\Documents\disk4.gsd
2018-01-10 22:03 - 2018-01-10 22:03 - 000098304 _____ C:\Users\Matúš Cehlár\Documents\disk1.EXE
2018-01-10 21:49 - 2018-01-19 00:55 - 000000000 ____D C:\Program Files (x86)\GSplit
2018-01-10 21:49 - 2018-01-10 23:06 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\GSplit
2018-01-09 10:30 - 2018-01-02 09:00 - 000590680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-09 10:30 - 2018-01-02 09:00 - 000242520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-01-09 10:30 - 2018-01-02 09:00 - 000214392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-09 10:30 - 2018-01-02 08:56 - 002530400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-01-09 10:30 - 2018-01-02 08:56 - 000567656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-09 10:30 - 2018-01-02 08:56 - 000397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-01-09 10:30 - 2018-01-02 08:56 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-09 10:30 - 2018-01-02 07:39 - 022374248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-09 10:30 - 2018-01-02 07:39 - 007408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-09 10:30 - 2018-01-02 07:39 - 002013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-09 10:30 - 2018-01-02 07:39 - 000418648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-09 10:30 - 2018-01-02 07:39 - 000354648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-09 10:30 - 2018-01-02 07:38 - 002176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-01-09 10:30 - 2018-01-02 07:38 - 001662096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-09 10:30 - 2018-01-02 07:38 - 001063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-01-09 10:30 - 2018-01-02 07:37 - 001737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-09 10:30 - 2018-01-02 07:37 - 001676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-09 10:30 - 2018-01-02 07:37 - 001536120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-09 10:30 - 2018-01-02 07:37 - 001500432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-09 10:30 - 2018-01-02 07:37 - 001371352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-09 10:30 - 2018-01-02 07:37 - 001135280 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-01-09 10:30 - 2018-01-02 07:37 - 000685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-09 10:30 - 2018-01-02 07:35 - 001307840 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-09 10:30 - 2018-01-02 07:35 - 000989528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-09 10:30 - 2018-01-02 07:05 - 000164296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-09 10:30 - 2018-01-02 07:03 - 025739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-09 10:30 - 2018-01-02 07:03 - 000341384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-01-09 10:30 - 2018-01-02 07:01 - 001902328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-01-09 10:30 - 2018-01-02 07:00 - 019790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-09 10:30 - 2018-01-02 06:59 - 001565520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-01-09 10:30 - 2018-01-02 06:59 - 001213784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-09 10:30 - 2018-01-02 06:58 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-09 10:30 - 2018-01-02 06:48 - 000507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-09 10:30 - 2018-01-02 06:40 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-09 10:30 - 2018-01-02 06:39 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-09 10:30 - 2018-01-02 06:39 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-09 10:30 - 2018-01-02 06:39 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-09 10:30 - 2018-01-02 06:39 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-09 10:30 - 2018-01-02 06:38 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-09 10:30 - 2018-01-02 06:38 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-01-09 10:30 - 2018-01-02 06:38 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-09 10:30 - 2018-01-02 06:38 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-01-09 10:30 - 2018-01-02 06:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-01-09 10:30 - 2018-01-02 06:38 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2018-01-09 10:30 - 2018-01-02 06:38 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-01-09 10:30 - 2018-01-02 06:37 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-09 10:30 - 2018-01-02 06:37 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-09 10:30 - 2018-01-02 06:34 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-09 10:30 - 2018-01-02 06:31 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-01-09 10:30 - 2018-01-02 06:30 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-09 10:30 - 2018-01-02 06:28 - 005796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-09 10:30 - 2018-01-02 06:28 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-09 10:30 - 2018-01-02 06:28 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-09 10:30 - 2018-01-02 06:28 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2018-01-09 10:30 - 2018-01-02 06:28 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-09 10:30 - 2018-01-02 06:20 - 020275200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-09 10:30 - 2018-01-02 06:19 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2018-01-09 10:30 - 2018-01-02 06:18 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-09 10:30 - 2018-01-02 06:17 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-09 10:30 - 2018-01-02 06:17 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2018-01-09 10:30 - 2018-01-02 06:16 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-09 10:30 - 2018-01-02 06:09 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-01-09 10:30 - 2018-01-02 06:06 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-09 10:30 - 2018-01-02 06:02 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-01-09 10:30 - 2018-01-02 05:59 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2018-01-09 10:30 - 2018-01-02 05:59 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2018-01-09 10:30 - 2018-01-02 05:57 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-01-09 10:30 - 2018-01-02 05:56 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-01-09 10:30 - 2018-01-02 05:54 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-09 10:30 - 2018-01-02 05:53 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-09 10:30 - 2018-01-02 05:52 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-09 10:30 - 2018-01-02 05:51 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-09 10:30 - 2018-01-02 05:49 - 002294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-09 10:30 - 2018-01-02 05:48 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-09 10:30 - 2018-01-02 05:45 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2018-01-09 10:30 - 2018-01-02 05:44 - 015284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-09 10:30 - 2018-01-02 05:44 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-09 10:30 - 2018-01-02 05:43 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-09 10:30 - 2018-01-02 05:42 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-09 10:30 - 2018-01-02 05:42 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-09 10:30 - 2018-01-02 05:41 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-09 10:30 - 2018-01-02 05:40 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-09 10:30 - 2018-01-02 05:40 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-09 10:30 - 2018-01-02 05:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-09 10:30 - 2018-01-02 05:38 - 002134528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-09 10:30 - 2018-01-02 05:37 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-01-09 10:30 - 2018-01-02 05:34 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-09 10:30 - 2018-01-02 05:34 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-09 10:30 - 2018-01-02 05:33 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-01-09 10:30 - 2018-01-02 05:33 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-01-09 10:30 - 2018-01-02 05:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-09 10:30 - 2018-01-02 05:32 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-09 10:30 - 2018-01-02 05:29 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-01-09 10:30 - 2018-01-02 05:29 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-09 10:30 - 2018-01-02 05:27 - 001696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-09 10:30 - 2018-01-02 05:27 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-01-09 10:30 - 2018-01-02 05:26 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-09 10:30 - 2018-01-02 05:25 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-09 10:30 - 2018-01-02 05:25 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-09 10:30 - 2018-01-02 05:25 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-09 10:30 - 2018-01-02 05:23 - 004508160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-09 10:30 - 2018-01-02 05:23 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-09 10:30 - 2018-01-02 05:22 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-09 10:30 - 2018-01-02 05:22 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-09 10:30 - 2018-01-02 05:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-09 10:30 - 2018-01-02 05:20 - 013680128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-09 10:30 - 2018-01-02 05:18 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-09 10:30 - 2018-01-02 05:18 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-09 10:30 - 2018-01-02 05:17 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-09 10:30 - 2018-01-02 05:17 - 000694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-09 10:30 - 2018-01-02 05:17 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-09 10:30 - 2018-01-02 05:17 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-09 10:30 - 2018-01-02 05:16 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-09 10:30 - 2018-01-02 05:16 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-09 10:30 - 2018-01-02 05:16 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-09 10:30 - 2018-01-02 05:16 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-09 10:30 - 2018-01-02 05:15 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-09 10:30 - 2018-01-02 05:13 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-09 10:30 - 2018-01-02 05:11 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2018-01-09 10:30 - 2018-01-02 05:11 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-09 10:30 - 2018-01-02 05:09 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-09 10:30 - 2018-01-02 05:09 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-01-09 10:30 - 2018-01-02 05:09 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-09 10:30 - 2018-01-02 05:08 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-09 10:30 - 2018-01-02 05:07 - 001265664 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-09 10:30 - 2018-01-02 05:07 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-09 10:30 - 2018-01-02 05:06 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-09 10:30 - 2018-01-02 05:05 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-09 10:30 - 2018-01-02 05:04 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-09 10:30 - 2018-01-02 04:59 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-09 10:30 - 2018-01-02 04:58 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-09 10:30 - 2018-01-02 04:57 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2018-01-09 10:30 - 2018-01-02 04:56 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-01-09 10:30 - 2018-01-02 04:55 - 003548160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-01-09 10:30 - 2018-01-02 04:54 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-09 10:30 - 2018-01-02 04:53 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-09 10:30 - 2017-12-29 09:21 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-01-09 10:30 - 2017-12-15 00:26 - 000374096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-09 10:30 - 2017-12-14 22:39 - 000315736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-09 10:30 - 2017-12-14 11:19 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-09 10:30 - 2017-12-14 11:17 - 000044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-09 10:30 - 2017-12-10 14:59 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-09 10:30 - 2017-12-10 14:58 - 000035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-09 10:30 - 2017-12-10 14:46 - 007079424 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2018-01-09 10:30 - 2017-12-10 14:24 - 005275136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2018-01-09 10:30 - 2017-12-10 14:06 - 007797760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-09 10:30 - 2017-12-10 13:59 - 005270528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-09 10:30 - 2017-12-06 05:42 - 002452816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-09 10:30 - 2017-12-05 17:58 - 004168192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-01-08 17:53 - 2018-01-08 17:53 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-01-08 17:53 - 2018-01-04 01:01 - 000137528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-01-08 17:53 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-01-08 17:53 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-01-08 17:53 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-01-08 17:53 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-01-08 17:52 - 2018-01-08 17:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-01-08 17:51 - 2018-01-04 02:39 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-01-08 17:51 - 2018-01-04 02:39 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 040269624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 035278136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 035179080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 027856456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 019796008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 018730328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 017303112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2018-01-08 17:50 - 2018-01-04 02:39 - 016450056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 013430632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 012842984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 011015584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 003902448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 003432944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 001975184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439065.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 001674544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439065.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 001134952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 001125688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 001054512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000988144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000939504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000895784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000528312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000506672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000447424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000407064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000171896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000154208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000149736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000132072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000125232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2018-01-08 17:50 - 2018-01-04 02:39 - 000047088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2018-01-08 17:50 - 2018-01-04 02:39 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2018-01-08 17:50 - 2018-01-04 02:39 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2018-01-05 10:03 - 2018-01-05 10:03 - 000000000 ____D C:\Users\Matúš Cehlár\Documents\Banished
2018-01-03 18:57 - 2018-01-09 18:58 - 000002207 _____ C:\Users\Matúš Cehlár\Desktop\Discord.lnk
2018-01-03 18:56 - 2018-01-09 18:58 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Local\Discord
2018-01-03 11:20 - 2018-01-03 11:20 - 000000852 _____ C:\Users\Public\Desktop\Simulationcraft(x64).lnk
2018-01-03 11:20 - 2018-01-03 11:20 - 000000000 ____D C:\Simulationcraft(x64)
2018-01-03 11:20 - 2018-01-03 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simulationcraft(x64)
2018-01-03 10:54 - 2018-01-28 14:33 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\SimulationCraft
2018-01-03 10:54 - 2018-01-03 10:54 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Local\SimulationCraft
2018-01-02 19:16 - 2018-01-02 19:16 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2018-01-02 19:15 - 2018-01-02 19:18 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-01-02 19:15 - 2018-01-02 19:16 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-01-02 19:15 - 2018-01-02 19:15 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-01-02 19:15 - 2018-01-02 19:15 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-01-02 19:15 - 2018-01-02 19:15 - 000000000 ____D C:\Program Files\Realtek
2018-01-02 19:15 - 2018-01-02 19:15 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-01-02 19:15 - 2017-07-13 00:20 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-01-02 19:15 - 2017-07-13 00:20 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 005863904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-01-02 19:15 - 2017-07-13 00:20 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-01-02 19:15 - 2017-07-13 00:20 - 003515416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 002210784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2018-01-02 19:15 - 2017-07-13 00:20 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-01-02 19:15 - 2017-07-12 20:40 - 012921403 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-01-02 19:15 - 2016-09-22 07:55 - 002839520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-28 17:11 - 2017-11-30 15:03 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Local\Battle.net
2018-01-28 17:09 - 2017-11-30 15:04 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-01-28 15:17 - 2017-09-28 07:46 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\LocalLow\Mozilla
2018-01-28 14:34 - 2017-11-30 15:03 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-01-28 14:33 - 2017-11-30 16:46 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Twitch
2018-01-28 12:29 - 2017-11-30 14:57 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3036961284-2193080759-2993534940-1004
2018-01-28 12:25 - 2017-11-30 14:56 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-28 12:22 - 2017-12-02 00:36 - 000048410 _____ C:\WINDOWS\system32\perfh01B.dat
2018-01-28 12:22 - 2017-12-02 00:36 - 000012138 _____ C:\WINDOWS\system32\perfc01B.dat
2018-01-28 12:22 - 2014-11-21 02:39 - 000909930 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-28 12:22 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2018-01-28 12:18 - 2017-11-30 15:16 - 000003648 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-01-28 12:17 - 2017-12-01 21:47 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-28 12:16 - 2017-11-30 14:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-28 12:16 - 2017-09-28 08:27 - 000022552 _____ C:\bdlog.txt
2018-01-28 12:16 - 2017-09-28 07:39 - 000000000 __SHD C:\Users\Matúš Cehlár\IntelGraphicsProfiles
2018-01-28 12:16 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-27 20:41 - 2017-12-02 09:20 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\vlc
2018-01-27 17:03 - 2017-11-30 14:59 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-27 11:59 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-01-27 00:15 - 2017-11-30 14:50 - 000000000 ____D C:\Users\Matúš Cehlár
2018-01-26 11:26 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2018-01-26 10:20 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-25 23:24 - 2017-12-06 23:50 - 000004693 _____ C:\Users\Matúš Cehlár\AppData\Roaming\VoiceMeeterDefault.xml
2018-01-25 23:04 - 2017-11-30 16:54 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\obs-studio
2018-01-25 21:15 - 2017-11-30 17:25 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Local\Spotify
2018-01-25 20:48 - 2017-11-30 17:23 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Spotify
2018-01-25 11:46 - 2017-09-28 09:50 - 000000000 ____D C:\Users\Matúš Cehlár\Desktop\Firma
2018-01-24 09:15 - 2017-11-30 16:59 - 000003846 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1512057548
2018-01-24 09:15 - 2017-11-30 16:59 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-01-24 09:15 - 2017-11-30 16:58 - 000000000 ____D C:\Program Files\Opera
2018-01-23 23:02 - 2017-11-30 14:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-23 22:14 - 2017-11-30 17:21 - 000000000 ____D C:\Program Files (x86)\Overwatch
2018-01-23 20:10 - 2017-11-30 14:55 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-22 17:58 - 2017-11-30 15:30 - 001058784 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2018-01-22 17:57 - 2017-11-30 15:30 - 001765336 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2018-01-22 17:57 - 2017-11-30 15:30 - 000338744 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2018-01-19 14:21 - 2017-09-28 09:48 - 000000000 ____D C:\totalcmd
2018-01-19 09:05 - 2017-11-30 14:59 - 000000000 ____D C:\ProgramData\Oracle
2018-01-19 09:03 - 2017-11-30 14:59 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-01-19 09:03 - 2017-11-30 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-19 09:03 - 2017-11-30 14:59 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-19 09:00 - 2017-11-30 15:03 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Local\CrashDumps
2018-01-19 09:00 - 2017-11-30 14:49 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-17 23:12 - 2017-11-30 17:10 - 000001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft Logs Uploader.lnk
2018-01-17 23:12 - 2017-11-30 17:10 - 000001023 _____ C:\Users\Public\Desktop\Warcraft Logs Uploader.lnk
2018-01-16 18:59 - 2017-11-30 15:03 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Local\Blizzard Entertainment
2018-01-16 18:39 - 2017-11-30 15:03 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Battle.net
2018-01-16 11:02 - 2017-09-28 09:50 - 000000000 ____D C:\Users\Matúš Cehlár\Desktop\Dovolenkoy listok
2018-01-11 09:51 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2018-01-10 09:27 - 2017-12-02 00:21 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 09:27 - 2017-12-02 00:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 09:27 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-10 09:26 - 2017-12-02 00:21 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 18:58 - 2017-11-30 15:26 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-01-09 18:58 - 2017-11-30 15:26 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\discord
2018-01-09 14:38 - 2013-08-22 15:44 - 000411496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-09 14:37 - 2013-08-22 16:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-01-09 08:07 - 2017-12-20 19:18 - 000002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-08 17:53 - 2017-11-30 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-01-08 17:53 - 2017-11-30 14:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-01-08 17:53 - 2017-11-30 14:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-01-08 17:52 - 2017-11-30 14:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-05 09:37 - 2017-11-30 17:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-01-04 02:39 - 2017-12-10 17:28 - 015408072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2018-01-04 02:39 - 2017-11-30 15:03 - 022573984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2018-01-04 02:39 - 2017-11-30 15:03 - 019677112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2018-01-04 02:39 - 2017-11-30 15:03 - 004375648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-04 02:39 - 2017-11-30 15:03 - 003874728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-04 02:39 - 2017-11-30 15:03 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-01-04 02:39 - 2017-11-30 15:03 - 001674544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2018-01-04 02:39 - 2017-11-30 15:03 - 000492048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2018-01-04 02:39 - 2017-10-11 03:10 - 000045386 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-04 01:33 - 2017-11-30 14:56 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-04 00:50 - 2017-11-30 14:56 - 005951336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-04 00:50 - 2017-11-30 14:56 - 002588232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-04 00:50 - 2017-11-30 14:56 - 001768480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-04 00:50 - 2017-11-30 14:56 - 000631880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-04 00:50 - 2017-11-30 14:56 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-04 00:50 - 2017-11-30 14:56 - 000123704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-04 00:50 - 2017-11-30 14:56 - 000081992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-03 18:57 - 2017-11-30 15:25 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Local\SquirrelTemp
2018-01-02 11:55 - 2017-12-01 22:50 - 000000000 ____D C:\Users\Matúš Cehlár\AppData\Roaming\Samsung
2018-01-01 16:22 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness

==================== Files in the root of some directories =======

2017-12-06 23:50 - 2018-01-25 23:24 - 000004693 _____ () C:\Users\Matúš Cehlár\AppData\Roaming\VoiceMeeterDefault.xml

Some files in TEMP:
====================
2018-01-19 09:02 - 2018-01-19 09:02 - 001864256 _____ (Oracle Corporation) C:\Users\Matúš Cehlár\AppData\Local\Temp\jre-8u161-windows-au.exe
2018-01-25 12:13 - 2018-01-25 12:13 - 000174592 _____ () C:\Users\Matúš Cehlár\AppData\Local\Temp\starter.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-22 00:07

==================== End of FRST.txt ============================

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: RSIT preventive check

#6 Post by Conder »

Please also post the Addition.txt log.
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping backups of important data (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

psychoSVK
Visitor
Posts: 84
Joined: 08 Jun 2007 17:47

Re: RSIT preventive check

#7 Post by psychoSVK »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Matúš Cehlár (28-01-2018 17:13:11)
Running from C:\Users\Matúš Cehlár\Desktop
Windows 8.1 (Update) (X64) (2017-11-30 13:51:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3036961284-2193080759-2993534940-500 - Administrator - Disabled)
Guest (S-1-5-21-3036961284-2193080759-2993534940-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3036961284-2193080759-2993534940-1003 - Limited - Enabled)
Matúš Cehlár (S-1-5-21-3036961284-2193080759-2993534940-1004 - Administrator - Enabled) => C:\Users\Matúš Cehlár

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 16 (HKLM-x32\...\{91B33C97-A730-69CE-7A4F-4ADF378BB993}_is1) (Version: 16.0.7 - Ashampoo GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.15.189 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Discord (HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden
eID klient (HKLM-x32\...\{445F2A31-7BA0-4C32-A653-F75D12E4D978}) (Version: 1.9.4 - MV SR, NASES)
Epic Games Launcher (HKLM-x32\...\{AAA3417F-FEAD-4AF7-9C01-9FAE1BB44E3D}) (Version: 1.1.134.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.4.3.2 (HKLM-x32\...\{CAE1C579-A42B-4A1E-9765-9D6648EFBD25}) (Version: 5.4.3.2 - The Document Foundation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 58.0 (x64 sk) (HKLM\...\Mozilla Firefox 58.0 (x64 sk)) (Version: 58.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.0.6592 - Mozilla)
Mozilla Thunderbird 52.5.2 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 sk)) (Version: 52.5.2 - Mozilla)
NVIDIA 3D Vision radič ovládača 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Grafický ovládač 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.65 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Virtuálny zvuk Miracast 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 390.65 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.65 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8210 - Realtek Semiconductor Corp.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.)
Simulationcraft(x64) version 7.3.0.02 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 7.3.0.02 - Simulationcraft)
Spotify (HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\Spotify) (Version: 1.0.72.117.g6bd7cc73 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Tukui Client (HKLM-x32\...\{39ADE6E8-A7A7-41EE-973C-E8895EBD6EF7}) (Version: 3.1.3 - Tukui)
Twitch (HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Warcraft Logs Uploader (HKLM-x32\...\{E8865CDE-B816-BCE9-98D3-4E1E7D7EA52E}) (Version: 4.37 - UNKNOWN) Hidden
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 4.37 - UNKNOWN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3036961284-2193080759-2993534940-1004_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-08-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-04] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13F60EA9-7E8F-42B6-B576-DF2E581E510E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-16] (NVIDIA Corporation)
Task: {19F235FA-7D71-4EAF-9C0C-0E98FBDA47D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-20] (Google Inc.)
Task: {202CA2CF-94A8-4C6D-A1FA-6B0BC960D253} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
Task: {3FA5B77A-BDB2-474E-B51A-987C47FA688A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
Task: {4784C0BC-CBA1-4682-BA36-EBC97DFACA42} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-16] (NVIDIA Corporation)
Task: {47AC0531-4A07-48A5-9771-6CE83FBD1AE6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
Task: {4E9B75F2-4B0C-452D-A594-578E080ADDC1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-16] (NVIDIA Corporation)
Task: {50D9B586-433A-4C98-8411-A2D5ACBEA55D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16] (NVIDIA Corporation)
Task: {53755869-B20E-4F26-9833-E00B61DDFF6E} - System32\Tasks\Opera scheduled Autoupdate 1512057548 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software)
Task: {67306158-FEFB-4116-8F15-F9C70DD06CB8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {6D81FD4C-DFBC-4B91-A932-2CA6D0096D7A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
Task: {8478C51C-CE8B-48FA-A87E-881F1211127C} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {BD69F679-9055-47B2-975F-765485F0E0C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-20] (Google Inc.)
Task: {D87D0071-8C20-48FE-A172-651E31F755EB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Matúš Cehlár\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki

==================== Loaded Modules (Whitelisted) ==============

2017-11-30 15:30 - 2017-02-07 12:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl
2017-11-30 15:30 - 2017-02-07 12:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl
2017-11-30 15:30 - 2017-02-07 12:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl
2017-11-30 15:30 - 2017-02-07 12:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl
2018-01-08 17:53 - 2018-01-04 02:39 - 000544056 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-12-01 22:50 - 2017-06-14 12:08 - 000022528 _____ () C:\WINDOWS\System32\us005lm.dll
2017-11-30 14:59 - 2017-11-16 02:38 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-01 22:50 - 2017-12-01 22:50 - 000143664 ____N () C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
2018-01-18 13:14 - 2018-01-18 13:14 - 002420200 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9766\Battle.net Helper.exe
2018-01-09 08:07 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-09 08:07 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2017-11-30 14:59 - 2017-11-16 02:38 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-11-30 14:59 - 2017-11-16 02:37 - 066906744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-12-01 21:54 - 2017-11-29 06:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-12-01 21:54 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-12-01 21:54 - 2017-12-15 20:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-01 21:54 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-12-01 21:54 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-12-15 09:19 - 2017-11-04 02:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-15 09:19 - 2017-11-04 02:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-15 09:19 - 2017-11-04 02:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-15 09:19 - 2017-11-04 02:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-15 09:19 - 2017-11-04 02:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-01 21:54 - 2017-12-15 20:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-12-01 21:54 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-12-01 21:54 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-12-01 21:54 - 2017-10-31 05:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-12-01 21:54 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2018-01-09 18:58 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Matúš Cehlár\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-09 18:58 - 2018-01-09 18:58 - 001780216 _____ () \\?\C:\Users\Matúš Cehlár\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-01-09 18:58 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Matúš Cehlár\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-09 18:58 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Matúš Cehlár\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-01-09 18:58 - 2018-01-26 22:15 - 009817080 _____ () \\?\C:\Users\Matúš Cehlár\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-09 18:58 - 2018-01-09 18:58 - 001505784 _____ () \\?\C:\Users\Matúš Cehlár\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-09 18:58 - 2018-01-09 18:58 - 000513016 _____ () \\?\C:\Users\Matúš Cehlár\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-09 18:58 - 2018-01-09 18:58 - 002662904 _____ () \\?\C:\Users\Matúš Cehlár\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-09 18:58 - 2018-01-09 18:58 - 001517048 _____ () \\?\C:\Users\Matúš Cehlár\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-09 18:58 - 2018-01-09 18:58 - 002749944 _____ () \\?\C:\Users\Matúš Cehlár\AppData\Roaming\discord\0.0.300\modules\discord_contact_import\discord_contact_import.node
2018-01-18 13:14 - 2018-01-18 13:14 - 067967976 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9766\libcef.dll
2018-01-18 13:14 - 2018-01-18 13:14 - 000540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9766\ortp.dll
2018-01-18 13:14 - 2018-01-18 13:14 - 000133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9766\libEGL.dll
2018-01-18 13:14 - 2018-01-18 13:14 - 003384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9766\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-01-28 16:16 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Matúš Cehlár\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "eID_klient"
HKLM\...\StartupApproved\Run32: => "eIDCertPropagator"
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{01BD3C43-1F6E-48A1-B80E-633D44337B48}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4C356363-2816-4301-B1F3-3A2B760C084A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2AFD6EBC-309B-4504-9143-5AEB31AD5146}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D68535EB-481D-4343-8085-A05CBA48B7E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E7F521F8-B313-4B03-A24F-C14BC4EF4913}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B5E3F015-4961-4237-8503-0EA9086F2195}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{559A8763-D90F-4421-914C-620C86C34603}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0FA7B17A-9110-46BA-AE90-B211F1AF56B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3D2908AB-9642-4D01-9517-57EE5020A237}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{82476E6F-F4BD-4CE6-82E8-96AEE6DB391A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{871FEDC6-0B60-4D75-B8DB-78C394ED6F25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F0B0A94F-B1FD-4873-B3FE-CD892FC9F6A2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{F85A94DE-FA79-41CB-8DB5-68302E86E475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{BE542D06-16D0-4598-849D-9A192071D561}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{E97D54AF-E20E-4068-81B4-21DEFABFF8CF}] => (Allow) D:\steam\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{72A43269-A623-4DE3-94A3-83D835CAB27A}] => (Allow) D:\steam\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{64E7D7CD-DA8F-4E7C-9A08-8873D9755067}] => (Allow) D:\steam\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{3EAD761C-EC0F-4879-AFAD-F8CAE45FE313}] => (Allow) D:\steam\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4705FE1D-61DE-417A-983C-ADF1C9DD61D7}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{FDE0F72A-986C-45E3-93C3-3008119BB291}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{07518D06-2BFD-4199-9812-2954F6912DDF}] => (Allow) D:\steam\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{2F489B0A-6CA3-4210-B322-6194E4776767}] => (Allow) D:\steam\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{E663ACF5-1C8F-4B8A-8C29-86F27D8A7277}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{3355FA21-365C-41C6-8D19-E556C3E703A6}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5D165FEF-A70F-4292-BE18-CA4CFB05D371}] => (Allow) D:\steam\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{5423D3D2-B28D-4565-BF51-5884102730CD}] => (Allow) D:\steam\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{6804C9E2-709F-43DF-9528-BC5F77D5EEF7}] => (Allow) D:\steam\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{D12C96A3-F861-4DC6-8240-4076BA27BD79}] => (Allow) D:\steam\SteamLibrary\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{0B2333C6-34D7-4C8D-A155-26A38B7EC421}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{F59E02FC-BEEF-43FE-B21E-4431F121F457}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{4F6E0B12-2110-4A14-87B5-819247B3EAD4}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{3C8A4A90-07B7-4F12-B8ED-C0BCE65BD9E0}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{237ECD4D-DDBE-4A77-A8C5-E1C1CD174E70}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{4839C839-DD47-46B2-875B-40E57E5DFF0A}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{A23A275C-8FFD-4F15-9567-1E9E15FA0E99}] => (Allow) C:\Program Files\Opera\49.0.2725.64\opera.exe
FirewallRules: [{D6D5AB55-7307-4894-9D3D-CEB5DA7C9967}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{7115B45E-ABDB-45F7-B872-7F5E57F2D301}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{5E6C8A1C-A987-4E96-B19A-01F12833CAF5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4EAC218A-7E90-4BBE-BD2E-7A4E5795AB9E}] => (Allow) C:\Users\Matúš Cehlár\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E28E12DF-6A0A-433C-9E98-2535D2E64C7E}] => (Allow) C:\Users\Matúš Cehlár\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7C4C2BDE-9E89-4EFB-9072-9247A183B4B4}] => (Allow) D:\steam\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{A08E23AA-4FBA-40A7-9B0F-A7BB22EDC6C9}] => (Allow) D:\steam\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{1AB3C783-6615-4443-A0CA-F54EE9990D89}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe
FirewallRules: [{836DB8AB-07C1-41EC-97AC-144803A0EDC1}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{3107D5E5-A0C6-48EA-B5A3-9084BCD932CB}] => (Allow) D:\steam\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe

==================== Restore Points =========================

09-01-2018 14:35:04 Windows Update
17-01-2018 15:38:27 Scheduled Checkpoint
25-01-2018 12:36:33 Installed SSDlife Free
27-01-2018 14:29:47 Nainštalované: eID klient

==================== Faulty Device Manager Devices =============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2018 03:24:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Zväzok Obnovenie sa neoptimalizoval, pretože sa vyskytla chyba: Nesprávny parameter. (0x80070057)

Error: (01/26/2018 09:56:43 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Zväzok Obnovenie sa neoptimalizoval, pretože sa vyskytla chyba: Nesprávny parameter. (0x80070057)

Error: (01/26/2018 09:51:13 AM) (Source: ESENT) (EventID: 104) (User: )
Description: svchost (12768) Instance: The database engine stopped the instance (0) with error (-510).



Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.

Error: (01/26/2018 09:46:13 AM) (Source: ESENT) (EventID: 413) (User: )
Description: wuaueng.dll (1396) SUS20ClientDataStore: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1011.

Error: (01/26/2018 09:46:13 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1396) SUS20ClientDataStore: An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 0 (0x0000000000000000) for 512 (0x00000200) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Na dokončenie požadovanej služby nie je dostatočná kvóta. ". The write operation will fail with error -1011 (0xfffffc0d). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (01/26/2018 09:46:13 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1396) SUS20ClientDataStore: An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 0 (0x0000000000000000) for 1024 (0x00000400) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Na dokončenie požadovanej služby nie je dostatočná kvóta. ". The write operation will fail with error -1011 (0xfffffc0d). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (01/26/2018 09:46:13 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1396) SUS20ClientDataStore: An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 0 (0x0000000000000000) for 1536 (0x00000600) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Na dokončenie požadovanej služby nie je dostatočná kvóta. ". The write operation will fail with error -1011 (0xfffffc0d). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (01/26/2018 09:46:13 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1396) SUS20ClientDataStore: An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 0 (0x0000000000000000) for 3072 (0x00000c00) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Na dokončenie požadovanej služby nie je dostatočná kvóta. ". The write operation will fail with error -1011 (0xfffffc0d). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (01/26/2018 09:46:13 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1396) SUS20ClientDataStore: An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 0 (0x0000000000000000) for 6144 (0x00001800) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Na dokončenie požadovanej služby nie je dostatočná kvóta. ". The write operation will fail with error -1011 (0xfffffc0d). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (01/26/2018 09:46:13 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1396) SUS20ClientDataStore: An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 0 (0x0000000000000000) for 12288 (0x00003000) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Na dokončenie požadovanej služby nie je dostatočná kvóta. ". The write operation will fail with error -1011 (0xfffffc0d). If this error persists then the file may be damaged and may need to be restored from a previous backup.


System errors:
=============
Error: (01/28/2018 12:30:46 PM) (Source: DCOM) (EventID: 10010) (User: Matus-PC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/28/2018 12:30:16 PM) (Source: DCOM) (EventID: 10010) (User: Matus-PC)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (01/28/2018 12:16:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/28/2018 12:16:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/28/2018 12:16:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/28/2018 12:16:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/28/2018 12:16:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/28/2018 12:16:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bitdefender Product Agent Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/28/2018 12:16:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/28/2018 12:16:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Epson Scanner Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 40%
Total physical RAM: 8053.34 MB
Available physical RAM: 4788.68 MB
Total Virtual: 16245.34 MB
Available Virtual: 11122.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.05 GB) (Free:14.19 GB) NTFS
Drive d: (Fun) (Fixed) (Total:931.51 GB) (Free:208.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E61988B9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: RSIT preventive check

#8 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Users\Matúš Cehlár\Documents\disk1.EXE
    
    HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\MountPoints2: F - "F:\Lenovo_Suite.exe"
    HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\MountPoints2: {0bc1cb03-fcab-11e7-825f-fcaa145c5559} - "F:\Lenovo_Suite.exe"
    
    HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180118__yaie
    HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    SearchScopes: HKU\S-1-5-21-3036961284-2193080759-2993534940-1004 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180118__yaie&p={searchTerms}
    
    2018-01-18 22:31 - 2018-01-28 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2018-01-18 22:30 - 2018-01-18 22:30 - 000015566 _____ C:\Users\Matúš Cehlár\Downloads\[CzT]Fantasticka_zvirata_a_kde_je_najit_Fantastic_Beasts_and_Where_to_Find_Them_2016_CZ_.torrent
    2018-01-02 19:15 - 2018-01-02 19:15 - 000000000 ____H C:\ProgramData\DP45977C.lfl
    2018-01-28 12:29 - 2017-11-30 14:57 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3036961284-2193080759-2993534940-1004
    
    IE trusted site: HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\localhost -> localhost
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop as fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will request a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a Fixlog.txt file on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

psychoSVK
Visitor
Posts: 84
Registered: 08 Jun 2007 17:47

Re: RSIT preventive check

#9 Post by psychoSVK »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Matúš Cehlár (28-01-2018 18:48:43) Run:1
Running from C:\Users\Matúš Cehlár\Desktop
Loaded Profiles: Matúš Cehlár (Available Profiles: Matúš Cehlár)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Mat�� Cehl�r\Documents\disk1.EXE

HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\MountPoints2: F - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\MountPoints2: {0bc1cb03-fcab-11e7-825f-fcaa145c5559} - "F:\Lenovo_Suite.exe"

HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180118__yaie
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3036961284-2193080759-2993534940-1004 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180118__yaie&p={searchTerms}

2018-01-18 22:31 - 2018-01-28 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-01-18 22:30 - 2018-01-18 22:30 - 000015566 _____ C:\Users\Mat�� Cehl�r\Downloads\[CzT]Fantasticka_zvirata_a_kde_je_najit_Fantastic_Beasts_and_Where_to_Find_Them_2016_CZ_.torrent
2018-01-02 19:15 - 2018-01-02 19:15 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-01-28 12:29 - 2017-11-30 14:57 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3036961284-2193080759-2993534940-1004

IE trusted site: HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\...\localhost -> localhost

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Mat�� Cehl�r\Documents\disk1.EXE ========================

"C:\Users\Mat�� Cehl�r\Documents\disk1.EXE" => not found
====== End of File: ======

"HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => removed successfully
"HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0bc1cb03-fcab-11e7-825f-fcaa145c5559}" => removed successfully
HKLM\Software\Classes\CLSID\{0bc1cb03-fcab-11e7-825f-fcaa145c5559} => key not found
HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
"HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}" => removed successfully
HKLM\Software\Classes\CLSID\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => key not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => moved successfully
"C:\Users\Mat�� Cehl�r\Downloads\[CzT]Fantasticka_zvirata_a_kde_je_najit_Fantastic_Beasts_and_Where_to_Find_Them_2016_CZ_.torrent" => not found
C:\ProgramData\DP45977C.lfl => moved successfully
C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3036961284-2193080759-2993534940-1004 => moved successfully
"HKU\S-1-5-21-3036961284-2193080759-2993534940-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42627436 B
Java, Flash, Steam htmlcache => 59334023 B
Windows/system/drivers => 322409 B
Edge => 0 B
Chrome => 256801187 B
Firefox => 382644382 B
Opera => 258908997 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 4072 B
NetworkService => 0 B
Matúš Cehlár => 95181521 B

RecycleBin => 27222560 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:49:20 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: RSIT preventive check

#10 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code: Select all

    Start
    File: C:\Users\Matúš Cehlár\Documents\disk1.EXE
    2018-01-18 22:30 - 2018-01-18 22:30 - 000015566 _____ C:\Users\Matúš Cehlár\Downloads\[CzT]Fantasticka_zvirata_a_kde_je_najit_Fantastic_Beasts_and_Where_to_Find_Them_2016_CZ_.torrent
    End
  • Click File and then Save
  • At the bottom right, select the Unicode encoding
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • This time there will be no restart; a file named Fixlog.txt will be created on the desktop, copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written for one specific PC only. Do not use them on other devices; doing so risks damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!
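Why the encoding step in the post above matters, as an added example that is not part of the original post and is not FRST's own code: the first Fixlog in this thread reported the user path as `Mat�� Cehl�r` and the file as not found. The decoder below is an assumption (a BOM-aware reader that falls back to UTF-8), chosen because it reproduces that garbled path; `save_as`, `read_fixlist` and `damaged_lines` are hypothetical names, and cp1250 is assumed as the "ANSI" code page.

```python
import codecs

# Fixlist body from the post above (File: directive only).
FIXLIST = "Start\nFile: C:\\Users\\Matúš Cehlár\\Documents\\disk1.EXE\nEnd\n"


def save_as(text, notepad_option):
    """Bytes Notepad writes for each 'Encoding' choice in its Save dialog."""
    if notepad_option == "Unicode":      # UTF-16 LE with a byte-order mark
        return codecs.BOM_UTF16_LE + text.encode("utf-16-le")
    if notepad_option == "UTF-8":        # UTF-8 with a byte-order mark
        return codecs.BOM_UTF8 + text.encode("utf-8")
    if notepad_option == "ANSI":         # system code page; cp1250 assumed here
        return text.encode("cp1250")
    raise ValueError(notepad_option)


def read_fixlist(data):
    """Assumed reader: honour a BOM, otherwise decode as UTF-8 and
    substitute U+FFFD for every byte sequence that is not valid UTF-8."""
    if data.startswith(codecs.BOM_UTF16_LE):
        return data[2:].decode("utf-16-le")
    if data.startswith(codecs.BOM_UTF8):
        return data[3:].decode("utf-8")
    return data.decode("utf-8", errors="replace")


def damaged_lines(data):
    """Fixlist lines whose text no longer matches what the author typed."""
    return [ln for ln in read_fixlist(data).splitlines() if "\ufffd" in ln]


if __name__ == "__main__":
    for option in ("ANSI", "Unicode", "UTF-8"):
        bad = damaged_lines(save_as(FIXLIST, option))
        print(option, "->", bad if bad else "all paths intact")
```

A path containing U+FFFD cannot match the real folder name on disk, so the directive that carries it is a no-op; checking the saved file this way before running it catches the problem without touching the system.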

psychoSVK
Visitor
Posts: 84
Registered: 08 Jun 2007 17:47

Re: RSIT preventive check

#11 Post by psychoSVK »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Matúš Cehlár (28-01-2018 23:16:17) Run:2
Running from C:\Users\Matúš Cehlár\Desktop
Loaded Profiles: Matúš Cehlár (Available Profiles: Matúš Cehlár)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
File: C:\Users\Matúš Cehlár\Documents\disk1.EXE
2018-01-18 22:30 - 2018-01-18 22:30 - 000015566 _____ C:\Users\Matúš Cehlár\Downloads\[CzT]Fantasticka_zvirata_a_kde_je_najit_Fantastic_Beasts_and_Where_to_Find_Them_2016_CZ_.torrent
End
*****************


========================= File: C:\Users\Matúš Cehlár\Documents\disk1.EXE ========================

C:\Users\Matúš Cehlár\Documents\disk1.EXE
File not signed
MD5: 2570EDF7439EEBDB39C0F2C370866F57
Creation and modification date: 2018-01-10 22:03 - 2018-01-10 22:03
Size: 000098304
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product: GSplit Archive
Description: GSplit Self-Uniting for WoWCombatLog.txt
File Version: 3, 0, 0, 0
Product Version: 3, 0, 0, 0
Copyright: GSplit 3.0.1
VirusTotal: 0

====== End of File: ======

C:\Users\Matúš Cehlár\Downloads\[CzT]Fantasticka_zvirata_a_kde_je_najit_Fantastic_Beasts_and_Where_to_Find_Them_2016_CZ_.torrent => moved successfully

==== End of Fixlog 23:16:17 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: RSIT preventive check

#12 Post by Conder »

:arrow: The log looks OK now. Has anything changed, or are there still any problems with the PC?

psychoSVK
Visitor
Posts: 84
Registered: 08 Jun 2007 17:47

Re: RSIT preventive check

#13 Post by psychoSVK »

The system still freezes occasionally, but it looks like Mozilla is to blame.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: RSIT preventive check

#14 Post by Conder »

:arrow: Download DelFix: https://toolslib.net/downloads/finish/2-delfix/
  • Save it to the desktop and run it
  • Leave the option "Remove disinfection tools" checked
  • Click "Run"
:arrow: Run a system file integrity check
  • Open Start, type "cmd" (without the quotes), right-click Command Prompt and click Run as administrator
  • Copy and run these 2 commands one at a time, pressing Enter after each (wait for the first to finish before running the second):

    Code: Select all

    DISM.exe /Online /Cleanup-image /Restorehealth
    sfc /scannow
  • After both commands have finished, copy and run this command:

    Code: Select all

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • A file named sfcdetails.txt will be created on the desktop, copy its contents here
:arrow: Run a full scan in MBAM
  • Download and install Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
  • Ignore the trial version
  • Open MBAM and click "Scan" on the left
  • Click "Custom Scan" and then "Configure Scan" (Set up scan)
  • On the left, check the option "Scan for rootkits" and on the right, select all drives in the PC
  • Wait for it to finish
  • When it has finished, click Export Summary -> Text File, enter a file name and save it to the desktop
  • Copy the contents of that file here
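One way to triage the sfcdetails.txt that the `findstr` command in the post above produces, as an added example that is not part of the original post: it totals the verified components and separates files SFC could not repair from files it restored from the component store. The sample lines are constructed and shortened in the CBS.log `[SR]` format, and `triage_sr` is a hypothetical name.

```python
import re

# Constructed, shortened sample in the CBS.log "[SR]" line format
# (not output from this thread).
SAMPLE = r'''
2018-02-01 18:02:11, Info                  CSI    00000006 [SR] Verifying 100 (0x0000000000000064) components
2018-02-01 18:02:11, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2018-02-01 18:02:14, Info                  CSI    00000009 [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.3.9600.16384, hash mismatch
2018-02-01 18:02:14, Info                  CSI    0000000b [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.3.9600.16384, hash mismatch
2018-02-01 18:02:15, Info                  CSI    0000000d [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"other.dll" from store
2018-02-01 18:02:16, Info                  CSI    0000000e [SR] Verify complete
'''

SR_MSG = re.compile(r"\[SR\] (.*)$")   # message text after the [SR] tag
QUOTED = re.compile(r'"([^"]*)"')      # quoted directory and file tokens


def triage_sr(text):
    """Summarise the [SR] lines that findstr extracts from cbs.log."""
    summary = {"verified_components": 0, "cannot_repair": [], "repaired": []}
    for line in text.splitlines():
        found = SR_MSG.search(line)
        if not found:
            continue
        msg = found.group(1)
        names = QUOTED.findall(msg)
        if msg.startswith("Verifying "):
            summary["verified_components"] += int(msg.split()[1])
        elif msg.startswith("Cannot repair member file") and names:
            # SFC logs the same failure more than once; report each file once.
            if names[0] not in summary["cannot_repair"]:
                summary["cannot_repair"].append(names[0])
        elif msg.startswith("Repairing corrupted file") and names:
            # Last quoted token is the file name; earlier ones are the directory.
            if names[-1] not in summary["repaired"]:
                summary["repaired"].append(names[-1])
    return summary


if __name__ == "__main__":
    print(triage_sr(SAMPLE))
```

An empty `cannot_repair` list means nothing was left unrepaired in the lines supplied; because the `findstr` command appends with `>>`, the file can also hold entries from earlier runs.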

psychoSVK
Visitor
Posts: 84
Registered: 08 Jun 2007 17:47

Re: RSIT preventive check

#15 Post by psychoSVK »

mbam

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 01.02.18
Čas skenovania: 18:59
Súbor denníka: b413cc56-0779-11e8-a8db-fcaa145c5559.json
Správca: Áno

-Údaje o softvéri-
Verzia: 3.3.1.2183
Verzia súčastí: 1.0.262
Aktualizovať verziu balíka: 1.0.3841
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 8.1
Procesor: x64
Systém súborov: NTFS
Používateľ: Matus-PC\Mat\u00c3\u00ba\u00c5\u00a1 Cehl\u00c3\u00a1r

-Zhrnutie skenovania-
Typ skenovania: Vlastné skenovanie
Výsledok: Dokončené
Preskenované objekty: 515939
Zistené hrozby: 3
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 4 h, 33 min, 1 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Povolené
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 3
HackTool.FilePatch, D:\DOWNLOADS\ADOBE PHOTOSHOP CS6 13.0 FINAL CZ\PATCH - PAINTER\ADOBE.PHOTOSHOP.CS6-PATCH.EXE, Bez zásahu používateľa, [7045], [281135],1.0.3841
Generic.Malware/Suspicious, D:\DOWNLOADS\AIDA64 EXTREME EDITION & PORTABLE 5.00.3300 FINAL (CZ,SK)\CHILI-KEYGEN.EXE, Bez zásahu používateľa, [0], [392686],1.0.3841
RiskWare.Tool.CK, D:\DOWNLOADS\AKTIVáTORY - LEGALIZáTORY\WINDOWS 7 LEGALIZáTOR\WINDOWS 7 LEGALIZáTOR.EXE, Bez zásahu používateľa, [227], [277576],1.0.3841

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

Locked