
100% disk usage - Antimalware Service Executable
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, the Antimalware Service Executable process is loading my disk to 100%; it runs constantly, no matter what I do on the laptop.
My OS is a legal Windows 10 and I am also sending a log; hopefully I made it correctly.
Thank you all for any advice.
Logfile of random's system information tool 1.10 (written by random/random)
Run by david at 2018-02-11 12:33:27
Microsoft Windows 10 Home
System drive C: has 264 GB (28%) free of 953 GB
Total RAM: 8060 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:33:33, on 11.02.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\david\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\david.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer17win10.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer17win10.msn.com/?pc=ACTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\david\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
O23 - Service: Dashlane Upgrade Service - Dashlane, Inc. - C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel SST Parameter Service (IntelSSTSvc) - Unknown owner - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 11020 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
dashost.exe {46115477-839c-43dd-bd21d4c86514131c}
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
"C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe"
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\AdminService.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\KMSpico\Service_KMS.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"ctfmon.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /TRUEHARMONY
"C:\Users\david\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\david\AppData\Local\Steam\htmlcache" "-steampid=7416" "-buildid=1513371133" "-steamid=0" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\david\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\david\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x2e8,0x314,0x318,0x310,0x31c,0x66d081a4,0x66d081b4,0x66d081c4
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\OEM\Preload\FubTool\FubTool.exe
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --service-pipe-token=DCF551D8776669564811AF11583EF773 --enable-blink-features=ResizeObserver --lang=en-US --lang=cs-CZ --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback.host/* --disable-spell-checking --buildid=1513371133 --steamid=0 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=DCF551D8776669564811AF11583EF773 --renderer-client-id=2 
--mojo-platform-channel-handle=1972 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
c:\windows\system32\svchost.exe -k unistacksvcgroup
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\compattelrunner.exe
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:eo1TPUxlm0Sq/E6m.1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x524
"C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe" -auto
"C:\WINDOWS\System32\Taskmgr.exe" /3
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=10032
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=gpu-process --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --gpu-vendor-id=0x8086 --gpu-device-id=0x5916 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=21.20.16.4534 --gpu-driver-date=10-7-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x179c --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --service-request-channel-token=95C1BA98EC173A9040000B51C350A5C7 --mojo-platform-channel-handle=1832 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=renderer --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --service-pipe-token=5599803A0569F1BAD27849D5B28ECB8C --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,35
53 --service-request-channel-token=5599803A0569F1BAD27849D5B28ECB8C --renderer-client-id=6 --mojo-platform-channel-handle=3356 /prefetch:1
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=renderer --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --service-pipe-token=8300808EE484B215F1B562EF07699C42 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,35
53 --service-request-channel-token=8300808EE484B215F1B562EF07699C42 --renderer-client-id=3 --mojo-platform-channel-handle=6312 /prefetch:1
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=renderer --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --service-pipe-token=91DFE3A2597E74A1B2EF6A43DD800836 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,35
53 --service-request-channel-token=91DFE3A2597E74A1B2EF6A43DD800836 --renderer-client-id=8 --mojo-platform-channel-handle=4508 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe" -ServerName:SecHealthUI.AppXep4x2tbtjws1v9qqs0rmb3hxykvkpqtn.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{7E55A26D-EF95-4A45-9F55-21E52ADF9887}
"C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\WINDOWS\system32\wuauclt.exe" /RunHandlerComServer
"C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.261.1037.0.exe" WD /q
C:\WINDOWS\system32\MpSigStub.exe /stub 1.1.14500.5 /payload 1.261.1056.0 /MpWUStub /program C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.261.1037.0.exe WD /q
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=renderer --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --service-pipe-token=F16902245605C4CA5344CA5B3B7ABDCF --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,35
53 --service-request-channel-token=F16902245605C4CA5344CA5B3B7ABDCF --renderer-client-id=20 --mojo-platform-channel-handle=8600 /prefetch:1
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=renderer --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --service-pipe-token=080B651FE2452F82E6FA562FB87BBACD --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,35
53 --service-request-channel-token=080B651FE2452F82E6FA562FB87BBACD --renderer-client-id=21 --mojo-platform-channel-handle=3520 /prefetch:1
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=renderer --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --service-pipe-token=9CF5275114C4594FF4AD65E0AD3CE75D --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,35
53 --service-request-channel-token=9CF5275114C4594FF4AD65E0AD3CE75D --renderer-client-id=22 --mojo-platform-channel-handle=5636 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=renderer --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --service-pipe-token=CB011B56E5F4C79DFD6631E65495A168 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,35
53 --service-request-channel-token=CB011B56E5F4C79DFD6631E65495A168 --renderer-client-id=26 --mojo-platform-channel-handle=8368 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe225_ Global\UsGthrCtrlFltPipeMssGthrPipe225 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 748 752 760 8192 756
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\david\AppData\Local\Temp\scoped_dir10032_23313\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-17 573504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-17 236608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-10 474688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-10 188992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-03 16475392]
"RtHDVBg_TrueHarmony"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-03 1454336]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2016-06-01 71168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-07-14 303928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\david\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-01-27 1554080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-30 9818328]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-11 12:33:27 ----D---- C:\rsit
2018-02-11 12:33:27 ----D---- C:\Program Files\trend micro
2018-02-10 23:14:07 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2018-02-10 23:14:07 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2018-02-10 23:14:07 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2018-02-10 23:14:07 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2018-02-10 23:14:06 ----D---- C:\Program Files (x86)\VulkanRT
2018-02-10 23:12:20 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2018-02-10 23:09:32 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2018-02-10 23:09:32 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-10 23:09:32 ----A---- C:\WINDOWS\system32\nvopencl.dll
2018-02-10 23:09:31 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2018-02-10 23:09:30 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2018-02-10 23:09:30 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2018-02-10 23:09:30 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-10 23:09:30 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-10 23:09:28 ----A---- C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-10 23:09:27 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2018-02-10 23:09:27 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2018-02-10 23:09:26 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2018-02-10 23:09:26 ----A---- C:\WINDOWS\system32\nvcuda.dll
2018-02-10 23:09:16 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2018-02-10 23:09:16 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2018-02-10 23:09:16 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2018-02-10 23:03:30 ----D---- C:\NVIDIA
2018-02-10 23:02:38 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-10 23:02:37 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2018-02-10 23:02:37 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2018-02-10 23:01:49 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-10 23:01:45 ----D---- C:\WINDOWS\LastGood
2018-02-10 23:01:26 ----A---- C:\WINDOWS\system32\drivers\SETA08.tmp
2018-02-10 23:01:26 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2018-02-10 22:42:09 ----D---- C:\WINDOWS\SYSWOW64\directx
2018-02-04 21:49:17 ----D---- C:\Program Files (x86)\Assassin's Creed Origins
2018-02-03 12:21:06 ----D---- C:\WINDOWS\system32\drivers\wd
2018-02-03 12:20:47 ----D---- C:\WINDOWS\Minidump
2018-01-27 15:11:25 ----HD---- C:\OneDriveTemp
2018-01-17 07:24:14 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
======List of files/folders modified in the last 1 month======
2018-02-11 12:33:32 ----D---- C:\WINDOWS\Prefetch
2018-02-11 12:33:27 ----RD---- C:\Program Files
2018-02-11 12:23:09 ----D---- C:\WINDOWS\system32\sru
2018-02-11 12:20:32 ----D---- C:\WINDOWS\Temp
2018-02-11 11:49:08 ----D---- C:\Program Files (x86)\Steam
2018-02-11 11:47:36 ----D---- C:\ProgramData\NVIDIA
2018-02-10 23:18:57 ----D---- C:\WINDOWS\System32
2018-02-10 23:18:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 23:16:07 ----D---- C:\ProgramData\NVIDIA Corporation
2018-02-10 23:15:02 ----D---- C:\WINDOWS\system32\Tasks
2018-02-10 23:14:54 ----D---- C:\WINDOWS\system32\drivers
2018-02-10 23:14:54 ----D---- C:\WINDOWS\INF
2018-02-10 23:14:53 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-10 23:14:37 ----D---- C:\Program Files\NVIDIA Corporation
2018-02-10 23:14:36 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-02-10 23:14:07 ----D---- C:\WINDOWS\SysWOW64
2018-02-10 23:14:07 ----D---- C:\Users\david\AppData\Roaming\NVIDIA
2018-02-10 23:14:06 ----RD---- C:\Program Files (x86)
2018-02-10 23:01:49 ----D---- C:\Windows
2018-02-10 23:01:44 ----D---- C:\WINDOWS\system32\catroot2
2018-02-10 22:56:56 ----D---- C:\ProgramData\Oracle
2018-02-10 22:56:33 ----SHDC---- C:\WINDOWS\Installer
2018-02-10 22:56:31 ----SHD---- C:\Config.Msi
2018-02-10 22:56:28 ----D---- C:\Program Files\Java
2018-02-10 22:55:59 ----D---- C:\Program Files (x86)\Java
2018-02-10 22:54:42 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2018-02-10 22:42:16 ----HD---- C:\WINDOWS\msdownld.tmp
2018-02-10 22:42:09 ----D---- C:\WINDOWS\Logs
2018-02-10 21:57:25 ----D---- C:\Games
2018-02-10 21:38:13 ----D---- C:\Users\david\AppData\Roaming\uTorrent
2018-02-10 21:17:45 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-10 20:56:58 ----SHD---- C:\System Volume Information
2018-02-10 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-02-10 16:51:49 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-10 16:51:47 ----RD---- C:\WINDOWS\assembly
2018-02-10 16:06:28 ----D---- C:\WINDOWS\DeliveryOptimization
2018-02-10 15:43:44 ----HD---- C:\Program Files\WindowsApps
2018-02-10 15:43:44 ----D---- C:\WINDOWS\AppReadiness
2018-02-10 15:28:42 ----D---- C:\WINDOWS\system32\NDF
2018-02-09 15:28:49 ----AD---- C:\Program Files\Opera
2018-02-09 15:28:31 ----D---- C:\WINDOWS\system32\Macromed
2018-02-09 15:28:30 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-02-05 17:49:33 ----D---- C:\Users\david\AppData\Roaming\vlc
2018-01-25 21:12:45 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 01:23:45 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2018-01-24 01:23:45 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2018-01-24 01:23:45 ----A---- C:\WINDOWS\system32\nvapi64.dll
2018-01-24 01:23:45 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-01-23 23:57:35 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57:35 ----A---- C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2018-01-22 17:47:57 ----D---- C:\WINDOWS\system32\config
2018-01-17 07:23:37 ----D---- C:\Program Files (x86)\Common Files
2018-01-16 20:24:33 ----D---- C:\WINDOWS\WinSxS
2018-01-13 22:54:03 ----D---- C:\WINDOWS\system32\MRT
2018-01-13 22:44:54 ----D---- C:\WINDOWS\debug
2018-01-13 22:44:45 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-13 22:44:33 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-01-13 22:43:37 ----D---- C:\WINDOWS\CbsTemp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-06-01 791560]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-01-01 385024]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-06-25 610656]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 ETDI2C;@oem41.inf,%ELANI2CDeviceDesc%;ELAN I2C Filter Driver; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [2016-03-24 183896]
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igdkmd64.sys [2017-02-07 11041776]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-06-03 5111040]
R3 IntcDAud;@oem60.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-09-16 821224]
R3 LMDriver;@oem68.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2016-09-13 21344]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-04-14 202848]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_fa38828e445984f5\nvlddmkm.sys [2018-01-24 17493824]
R3 nvvad_WaveExtensible;@oem0.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-12-15 59240]
R3 nvvhci;@oem28.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-01-24 57928]
R3 Qcamain10x64;@oem48.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2017-04-23 2412976]
R3 RadioShim;@oem68.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2016-09-13 14688]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 rt640x64;@oem44.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-11-19 935168]
R3 RTSPER;@oem22.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-12-18 769752]
R3 ScpVBus;@oem27.inf,%ScpVBus.SVCDESC%;Scp Virtual Bus Driver; C:\WINDOWS\System32\drivers\ScpVBus.sys [2013-05-19 39168]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-12-27 45464]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-09-29 191488]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
S3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-12-27 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-01-24 30280]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-04-03 83768]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2016-06-25 355760]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_911e220;Uživatelská služba platformy připojených zařízení_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe [2017-02-07 488944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-06-01 17992]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe [2017-02-07 350704]
R2 IntelSSTSvc;Intel SST Parameter Service; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [2016-03-04 26592]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-05-17 215328]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-05-17 419104]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-24 519240]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-01-24 462920]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-01-24 460872]
R2 OneSyncSvc_911e220;Hostitel synchronizace_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-01-01 519152]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2015-11-01 740544]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe [2017-02-07 310256]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-12-27 43648]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2016-03-02 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_911e220;Data kontaktů_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 Dashlane Upgrade Service;Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [2017-08-23 83992]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2016-03-02 8704]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe []
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-09 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_911e220;Tok zařízení_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-02-19 974632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-07-14 689976]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_911e220;Služba zasílání zpráv_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-24 519240]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_911e220;PrintWorkflow_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
-----------------EOF-----------------
My OS is a legal Windows 10, and I am also sending the log; I hope I made it correctly.
Thanks to everyone for the advice.
Logfile of random's system information tool 1.10 (written by random/random)
Run by david at 2018-02-11 12:33:27
Microsoft Windows 10 Home
System drive C: has 264 GB (28%) free of 953 GB
Total RAM: 8060 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:33:33, on 11.02.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\david\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\david.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer17win10.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer17win10.msn.com/?pc=ACTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\david\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
O23 - Service: Dashlane Upgrade Service - Dashlane, Inc. - C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel SST Parameter Service (IntelSSTSvc) - Unknown owner - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 11020 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
dashost.exe {46115477-839c-43dd-bd21d4c86514131c}
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
"C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe"
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\AdminService.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\KMSpico\Service_KMS.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"ctfmon.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /TRUEHARMONY
"C:\Users\david\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\david\AppData\Local\Steam\htmlcache" "-steampid=7416" "-buildid=1513371133" "-steamid=0" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\david\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\david\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x2e8,0x314,0x318,0x310,0x31c,0x66d081a4,0x66d081b4,0x66d081c4
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\OEM\Preload\FubTool\FubTool.exe
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --service-pipe-token=DCF551D8776669564811AF11583EF773 --enable-blink-features=ResizeObserver --lang=en-US --lang=cs-CZ --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback.host/* --disable-spell-checking --buildid=1513371133 --steamid=0 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=DCF551D8776669564811AF11583EF773 --renderer-client-id=2 
--mojo-platform-channel-handle=1972 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
c:\windows\system32\svchost.exe -k unistacksvcgroup
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\compattelrunner.exe
"C:\Program Files (x86)\Acer\Care Center\ACCStd.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:eo1TPUxlm0Sq/E6m.1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x524
"C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe" -auto
"C:\WINDOWS\System32\Taskmgr.exe" /3
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=10032
"C:\Program Files\Opera\50.0.2762.67\opera.exe" --type=gpu-process --field-trial-handle=1808,11611113644466367066,5660694171500925409,131072 --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --gpu-vendor-id=0x8086 --gpu-device-id=0x5916 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=21.20.16.4534 --gpu-driver-date=10-7-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x179c --with-feature:installer-experiment-test=off --with-feature:installer-direct-unpacking=on --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --crash-reporter-pid=11104 --service-request-channel-token=95C1BA98EC173A9040000B51C350A5C7 --mojo-platform-channel-handle=1832 --ignored=" --type=renderer " /prefetch:2
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe" -ServerName:SecHealthUI.AppXep4x2tbtjws1v9qqs0rmb3hxykvkpqtn.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{7E55A26D-EF95-4A45-9F55-21E52ADF9887}
"C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\WINDOWS\system32\wuauclt.exe" /RunHandlerComServer
"C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.261.1037.0.exe" WD /q
C:\WINDOWS\system32\MpSigStub.exe /stub 1.1.14500.5 /payload 1.261.1056.0 /MpWUStub /program C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.261.1037.0.exe WD /q
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe225_ Global\UsGthrCtrlFltPipeMssGthrPipe225 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 748 752 760 8192 756
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\david\AppData\Local\Temp\scoped_dir10032_23313\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-17 573504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-17 236608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-10 474688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-10 188992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-03 16475392]
"RtHDVBg_TrueHarmony"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-03 1454336]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2016-06-01 71168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-07-14 303928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\david\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-01-27 1554080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-30 9818328]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-11 12:33:27 ----D---- C:\rsit
2018-02-11 12:33:27 ----D---- C:\Program Files\trend micro
2018-02-10 23:14:07 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2018-02-10 23:14:07 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2018-02-10 23:14:07 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2018-02-10 23:14:07 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2018-02-10 23:14:06 ----D---- C:\Program Files (x86)\VulkanRT
2018-02-10 23:12:20 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2018-02-10 23:09:32 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2018-02-10 23:09:32 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-10 23:09:32 ----A---- C:\WINDOWS\system32\nvopencl.dll
2018-02-10 23:09:31 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2018-02-10 23:09:30 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2018-02-10 23:09:30 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2018-02-10 23:09:30 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-10 23:09:30 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-10 23:09:29 ----A---- C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-10 23:09:28 ----A---- C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-10 23:09:27 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2018-02-10 23:09:27 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2018-02-10 23:09:26 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2018-02-10 23:09:26 ----A---- C:\WINDOWS\system32\nvcuda.dll
2018-02-10 23:09:16 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2018-02-10 23:09:16 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2018-02-10 23:09:16 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2018-02-10 23:03:30 ----D---- C:\NVIDIA
2018-02-10 23:02:38 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-10 23:02:37 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2018-02-10 23:02:37 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2018-02-10 23:01:49 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-10 23:01:45 ----D---- C:\WINDOWS\LastGood
2018-02-10 23:01:26 ----A---- C:\WINDOWS\system32\drivers\SETA08.tmp
2018-02-10 23:01:26 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2018-02-10 22:42:09 ----D---- C:\WINDOWS\SYSWOW64\directx
2018-02-04 21:49:17 ----D---- C:\Program Files (x86)\Assassin's Creed Origins
2018-02-03 12:21:06 ----D---- C:\WINDOWS\system32\drivers\wd
2018-02-03 12:20:47 ----D---- C:\WINDOWS\Minidump
2018-01-27 15:11:25 ----HD---- C:\OneDriveTemp
2018-01-17 07:24:14 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
======List of files/folders modified in the last 1 month======
2018-02-11 12:33:32 ----D---- C:\WINDOWS\Prefetch
2018-02-11 12:33:27 ----RD---- C:\Program Files
2018-02-11 12:23:09 ----D---- C:\WINDOWS\system32\sru
2018-02-11 12:20:32 ----D---- C:\WINDOWS\Temp
2018-02-11 11:49:08 ----D---- C:\Program Files (x86)\Steam
2018-02-11 11:47:36 ----D---- C:\ProgramData\NVIDIA
2018-02-10 23:18:57 ----D---- C:\WINDOWS\System32
2018-02-10 23:18:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 23:16:07 ----D---- C:\ProgramData\NVIDIA Corporation
2018-02-10 23:15:02 ----D---- C:\WINDOWS\system32\Tasks
2018-02-10 23:14:54 ----D---- C:\WINDOWS\system32\drivers
2018-02-10 23:14:54 ----D---- C:\WINDOWS\INF
2018-02-10 23:14:53 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-10 23:14:37 ----D---- C:\Program Files\NVIDIA Corporation
2018-02-10 23:14:36 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-02-10 23:14:07 ----D---- C:\WINDOWS\SysWOW64
2018-02-10 23:14:07 ----D---- C:\Users\david\AppData\Roaming\NVIDIA
2018-02-10 23:14:06 ----RD---- C:\Program Files (x86)
2018-02-10 23:01:49 ----D---- C:\Windows
2018-02-10 23:01:44 ----D---- C:\WINDOWS\system32\catroot2
2018-02-10 22:56:56 ----D---- C:\ProgramData\Oracle
2018-02-10 22:56:33 ----SHDC---- C:\WINDOWS\Installer
2018-02-10 22:56:31 ----SHD---- C:\Config.Msi
2018-02-10 22:56:28 ----D---- C:\Program Files\Java
2018-02-10 22:55:59 ----D---- C:\Program Files (x86)\Java
2018-02-10 22:54:42 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2018-02-10 22:42:16 ----HD---- C:\WINDOWS\msdownld.tmp
2018-02-10 22:42:09 ----D---- C:\WINDOWS\Logs
2018-02-10 21:57:25 ----D---- C:\Games
2018-02-10 21:38:13 ----D---- C:\Users\david\AppData\Roaming\uTorrent
2018-02-10 21:17:45 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-10 20:56:58 ----SHD---- C:\System Volume Information
2018-02-10 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-02-10 16:51:49 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-10 16:51:47 ----RD---- C:\WINDOWS\assembly
2018-02-10 16:06:28 ----D---- C:\WINDOWS\DeliveryOptimization
2018-02-10 15:43:44 ----HD---- C:\Program Files\WindowsApps
2018-02-10 15:43:44 ----D---- C:\WINDOWS\AppReadiness
2018-02-10 15:28:42 ----D---- C:\WINDOWS\system32\NDF
2018-02-09 15:28:49 ----AD---- C:\Program Files\Opera
2018-02-09 15:28:31 ----D---- C:\WINDOWS\system32\Macromed
2018-02-09 15:28:30 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-02-05 17:49:33 ----D---- C:\Users\david\AppData\Roaming\vlc
2018-01-25 21:12:45 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 01:23:45 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2018-01-24 01:23:45 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2018-01-24 01:23:45 ----A---- C:\WINDOWS\system32\nvapi64.dll
2018-01-24 01:23:45 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-01-23 23:57:35 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57:35 ----A---- C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-23 23:57:33 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2018-01-22 17:47:57 ----D---- C:\WINDOWS\system32\config
2018-01-17 07:23:37 ----D---- C:\Program Files (x86)\Common Files
2018-01-16 20:24:33 ----D---- C:\WINDOWS\WinSxS
2018-01-13 22:54:03 ----D---- C:\WINDOWS\system32\MRT
2018-01-13 22:44:54 ----D---- C:\WINDOWS\debug
2018-01-13 22:44:45 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-13 22:44:33 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-01-13 22:43:37 ----D---- C:\WINDOWS\CbsTemp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-06-01 791560]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-01-01 385024]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-06-25 610656]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 ETDI2C;@oem41.inf,%ELANI2CDeviceDesc%;ELAN I2C Filter Driver; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [2016-03-24 183896]
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igdkmd64.sys [2017-02-07 11041776]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-06-03 5111040]
R3 IntcDAud;@oem60.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-09-16 821224]
R3 LMDriver;@oem68.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2016-09-13 21344]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-04-14 202848]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_fa38828e445984f5\nvlddmkm.sys [2018-01-24 17493824]
R3 nvvad_WaveExtensible;@oem0.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-12-15 59240]
R3 nvvhci;@oem28.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-01-24 57928]
R3 Qcamain10x64;@oem48.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2017-04-23 2412976]
R3 RadioShim;@oem68.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2016-09-13 14688]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 rt640x64;@oem44.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-11-19 935168]
R3 RTSPER;@oem22.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-12-18 769752]
R3 ScpVBus;@oem27.inf,%ScpVBus.SVCDESC%;Scp Virtual Bus Driver; C:\WINDOWS\System32\drivers\ScpVBus.sys [2013-05-19 39168]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-12-27 45464]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-09-29 191488]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
S3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-12-27 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-01-24 30280]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-04-03 83768]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe [2016-06-25 355760]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_911e220;Uživatelská služba platformy připojených zařízení_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe [2017-02-07 488944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-06-01 17992]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe [2017-02-07 350704]
R2 IntelSSTSvc;Intel SST Parameter Service; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [2016-03-04 26592]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-05-17 215328]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-05-17 419104]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-24 519240]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-01-24 462920]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-01-24 460872]
R2 OneSyncSvc_911e220;Hostitel synchronizace_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-01-01 519152]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2015-11-01 740544]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe [2017-02-07 310256]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-12-27 43648]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2016-03-02 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_911e220;Data kontaktů_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 Dashlane Upgrade Service;Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [2017-08-23 83992]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2016-03-02 8704]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe []
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-09 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_911e220;Tok zařízení_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-02-19 974632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-07-14 689976]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_911e220;Služba zasílání zpráv_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-24 519240]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_911e220;PrintWorkflow_911e220; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119429
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: 100% disk usage - antimalware service executable
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: 100% disk usage - antimalware service executable
# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 11:58:21 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\ProgramData\DriverSetupUtility
Deleted: C:\Program Files\DriverSetupUtility
Deleted: C:\Users\All Users\DriverSetupUtility
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fd06d23-1810-464b-b9c5-b92c28776962}_is1
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [1660 B] - [2018/2/11 11:57:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
- Rudy
- Site Admin
- Posts: 119429
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: 100% disk usage - antimalware service executable
Now post the FRST log: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .
Re: 100% disk usage - antimalware service executable
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2018 02
Ran by david (administrator) on LAPTOP-NKMN7808 (11-02-2018 18:02:50)
Running from C:\Users\david\Desktop
Loaded Profiles: david (Available Profiles: david)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(forum.viry.cz) C:\Users\david\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\MountPoints2: {6b8a8a14-b76d-11e6-9d9a-806e6f6e6963} - "D:\autorun.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{02beaa11-2dfd-40b3-b3c2-6faff1e40937}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{99074bd5-a45e-4796-9ac4-9671c29f7bff}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2059283851-2947840002-3319665459-1001 -> DefaultScope {15FFE0B1-8382-4AD9-9C9B-2525969C3FD5} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-10] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-10] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26592 2016-03-04] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-17] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-22] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-22] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [183896 2016-03-24] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-09-13] (Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_fa38828e445984f5\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30280 2018-01-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-09-13] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-22] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-22] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 18:02 - 2018-02-11 18:03 - 000014766 _____ C:\Users\david\Desktop\FRST.txt
2018-02-11 18:00 - 2018-02-11 18:02 - 000000000 ____D C:\FRST
2018-02-11 18:00 - 2018-02-11 18:00 - 002404864 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2018-02-11 18:00 - 2018-02-11 18:00 - 000112640 _____ (forum.viry.cz) C:\Users\david\Desktop\FRSTLauncher.exe
2018-02-11 14:03 - 2018-02-11 14:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-11 12:56 - 2018-02-11 13:04 - 000000000 ____D C:\AdwCleaner
2018-02-11 12:54 - 2018-02-11 12:54 - 008222496 _____ (Malwarebytes) C:\Users\david\Desktop\adwcleaner_7.0.8.0.exe
2018-02-11 12:33 - 2018-02-11 12:33 - 001222144 _____ C:\Users\david\Downloads\RSITx64.exe
2018-02-11 12:33 - 2018-02-11 12:33 - 000000000 ____D C:\rsit
2018-02-11 12:33 - 2018-02-11 12:33 - 000000000 ____D C:\Program Files\trend micro
2018-02-11 12:29 - 2018-02-11 12:30 - 012259160 _____ (Microsoft Corporation) C:\Users\david\Downloads\MSEInstall.exe
2018-02-11 12:09 - 2018-02-11 12:10 - 021750910 _____ C:\Users\david\Downloads\WickedWhims 3.2.4.122e - 10 February 2018.zip
2018-02-10 23:16 - 2018-02-10 23:16 - 000000000 ____D C:\Users\david\ansel
2018-02-10 23:14 - 2018-02-10 23:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-10 23:14 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-02-10 23:14 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-02-10 23:14 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-02-10 23:14 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-02-10 23:12 - 2018-02-10 23:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-02-10 23:09 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-02-10 23:03 - 2018-02-10 23:03 - 000000000 ____D C:\NVIDIA
2018-02-10 23:02 - 2018-02-10 23:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:14 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-10 23:02 - 2018-01-24 01:23 - 002424904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-02-10 23:02 - 2018-01-24 01:23 - 002090056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-02-10 23:02 - 2018-01-24 01:23 - 001309256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-10 23:01 - 2018-02-10 23:14 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-01-24 01:23 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-02-10 23:01 - 2018-01-24 01:23 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-10 22:57 - 2018-02-10 23:01 - 452923096 _____ (NVIDIA Corporation) C:\Users\david\Downloads\390.77-notebook-win10-64bit-international-whql.exe
2018-02-10 22:54 - 2018-02-10 22:55 - 084046192 _____ (NVIDIA Corporation) C:\Users\david\Downloads\GeForce_Experience_v3.12.0.84.exe
2018-02-10 22:51 - 2018-02-10 22:51 - 001861696 _____ (Oracle Corporation) C:\Users\david\Downloads\JavaSetup8u161.exe
2018-02-10 22:50 - 2018-02-10 22:50 - 004182688 _____ (Husdawg, LLC) C:\Users\david\Downloads\Detection.exe
2018-02-10 22:44 - 2018-02-10 22:44 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Electronic Arts
2018-02-10 22:42 - 2018-02-10 22:42 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-02-10 21:57 - 2018-02-10 21:57 - 000001571 _____ C:\Users\Public\Desktop\The Sims 4 x64.lnk
2018-02-10 21:57 - 2018-02-10 21:57 - 000001551 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2018-02-10 21:38 - 2018-02-04 17:01 - 000000000 ____D C:\Users\david\Desktop\The Sims 4 Tommy Full Repack CZ
2018-02-10 20:08 - 2018-02-10 21:30 - 3555720583 _____ C:\Users\david\Downloads\The Sims 4 Tommy Full Repack CZ.rar
2018-02-10 20:08 - 2018-02-10 20:08 - 000099360 _____ C:\Users\david\Downloads\[CzT]The_Sims_4_v_1_39_DLC_doplnky_2018_.torrent
2018-02-10 17:35 - 2018-02-10 17:39 - 000000000 ____D C:\Users\david\Downloads\Vražda v Orient expresu 2017 Cz dab
2018-02-10 17:33 - 2018-02-10 17:33 - 000014790 _____ C:\Users\david\Downloads\[CzT]Vrazda_v_Orient_expresu_Murder_on_the_Orient_Express_2017_CZ_.torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000020250 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_On_The_Train_2016_CZ_ (1).torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000017650 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_On_The_Train_2016_CZ_.torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000000000 ____D C:\Users\david\Downloads\The.Girl.on.the.Train.2016.BDRip.XviD.CZ
2018-02-05 21:43 - 2018-02-05 21:43 - 000043839 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_on_the_Train_2016_CZ_EN_720pHD_.torrent
2018-02-05 21:41 - 2018-02-05 21:41 - 000034387 _____ C:\Users\david\Downloads\[CzT]Fakju_pane_uciteli_Fack_ju_Gohte_2013_CZ_DE_720pHD_.torrent
2018-02-05 21:41 - 2018-02-05 21:41 - 000018244 _____ C:\Users\david\Downloads\[CzT]Fakju_pane_uciteli_Fack_ju_Gohte_2013_CZ_.torrent
2018-02-05 21:24 - 2018-02-05 21:38 - 1911045812 _____ C:\Users\david\Downloads\Let číslo 93 (2006) CZ .avi
2018-02-05 21:24 - 2018-02-05 21:24 - 000018712 _____ C:\Users\david\Downloads\[CzT]Let_cislo_93_United_93_2006_CZ_.torrent
2018-02-05 17:49 - 2018-02-05 17:49 - 000466452 _____ C:\Users\david\Downloads\27731363_2031296717117749_4982644096129564672_n.mp4
2018-02-05 17:20 - 2018-02-05 17:20 - 000060974 _____ C:\Users\david\Downloads\obchodni-podminky.pdf
2018-02-05 16:22 - 2018-02-05 16:26 - 000000000 ____D C:\Users\david\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2018-02-05 16:22 - 2018-02-05 16:22 - 000013058 _____ C:\Users\david\Downloads\[CzT]Deepwater_Horizon_More_v_plamenech_Deepwater_Horizon_2016_CZ_.torrent
2018-02-05 16:21 - 2018-02-05 16:21 - 000032160 _____ C:\Users\david\Downloads\[CzT]Deepwater_Horizon_More_v_plamenech_Deepwater_Horizon_2016_CZ_EN_720pHD_.torrent
2018-02-04 23:20 - 2018-02-04 23:21 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Assassin's Creed Origins
2018-02-04 23:20 - 2018-02-04 23:20 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\CPY_SAVES
2018-02-04 23:18 - 2018-02-04 23:18 - 000001319 _____ C:\Users\Public\Desktop\Assassin's Creed Origins.lnk
2018-02-04 23:18 - 2018-02-04 23:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2018-02-04 22:27 - 2018-02-04 22:27 - 000040734 _____ C:\Users\david\Downloads\[CzT]Den_patriotu_Patriots_Day_2016_CZ_720pHD_ (1).torrent
2018-02-04 21:49 - 2018-02-04 23:19 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed Origins
2018-02-04 11:18 - 2018-02-04 11:25 - 1406691328 _____ C:\Users\david\Downloads\The.Voices.2014.BDRip.XViD.CZ-S1LV3R.avi
2018-02-04 11:17 - 2018-02-04 11:17 - 000057753 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_EN_1080pHD_.torrent
2018-02-04 11:17 - 2018-02-04 11:17 - 000013904 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_.torrent
2018-02-04 11:15 - 2018-02-04 11:15 - 000025057 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_EN_720pHD_.torrent
2018-02-04 11:15 - 2018-02-04 11:15 - 000000000 ____D C:\Users\david\Downloads\The.Voices.2014.720p.BluRay.x264.AC3.CZ-Worm
2018-02-03 23:46 - 2018-02-04 20:06 - 3275061248 _____ C:\Users\david\Downloads\cpy-aco.iso
2018-02-03 17:53 - 2018-02-03 17:53 - 004510184 _____ C:\Users\david\Downloads\[CzT]Assassin_s_Creed_Origins_2017_CZ_.torrent
2018-02-03 17:37 - 2018-02-03 17:48 - 3559090737 _____ C:\Users\david\Downloads\The Sims 4 MEGA pack 2018.rar
2018-02-03 17:37 - 2018-02-03 17:37 - 000017452 _____ C:\Users\david\Downloads\[CzT]The_Sims_4_Mod_2018_.torrent
2018-02-03 16:36 - 2018-02-03 16:36 - 000602578 _____ C:\Users\david\Downloads\stahování.html
2018-02-03 12:20 - 2018-02-03 20:31 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-03 08:30 - 2018-02-03 10:38 - 392918270 _____ C:\Users\david\Downloads\XStoryPl 3.5.rar
2018-01-27 15:30 - 2018-01-27 15:30 - 000149756 _____ C:\Users\david\Downloads\Unemployment.pdf
2018-01-27 15:17 - 2018-02-04 20:39 - 000000000 ____D C:\Users\david\Desktop\skola
2018-01-27 15:11 - 2018-01-27 15:11 - 000000000 ___HD C:\OneDriveTemp
2018-01-25 22:19 - 2018-01-25 23:38 - 4143132382 _____ C:\Users\david\Downloads\Den patriotů Patriots Day (2016)(CZ)[720pHD].mkv
2018-01-25 22:18 - 2018-01-25 22:18 - 000040734 _____ C:\Users\david\Downloads\[CzT]Den_patriotu_Patriots_Day_2016_CZ_720pHD_.torrent
2018-01-25 21:34 - 2018-01-25 21:34 - 000141093 _____ C:\Users\david\Downloads\HotAndMean.18.01.25.Evelin.Stone.And.Sloan.Harper.Youll.Never.Be.Cool.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-23 12:47 - 2018-01-23 12:47 - 000111855 _____ C:\Users\david\Downloads\8thStreetLatinas.18.01.17.Gina.Valentina.And.Victoria.June.Hooker.On.The.Run.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-22 21:32 - 2018-01-22 21:36 - 000000000 ____D C:\Users\david\Downloads\Thor.Ragnarok.2017
2018-01-22 21:12 - 2018-01-22 21:12 - 000000000 ____D C:\Users\david\Downloads\Hráči se smrtí (1990)
2018-01-21 22:18 - 2018-01-21 22:18 - 000042570 _____ C:\Users\david\Downloads\4231-_quiksta_mc_ifx2_tm_61656.fmf
2018-01-21 22:13 - 2018-01-21 22:13 - 000042254 _____ C:\Users\david\Downloads\Luoni 2.fmf
2018-01-21 21:03 - 2018-01-21 21:03 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Vlastní šablony Office
2018-01-21 20:37 - 2018-01-21 20:37 - 000000000 _____ C:\Users\david\Desktop\~WRL0002.tmp
2018-01-21 15:56 - 2018-01-21 16:37 - 000000000 ____D C:\Users\david\Downloads\Jigsaw.2017.NORDiC.1080p.BluRay.x264-COALiTiON
2018-01-21 15:54 - 2018-01-21 20:29 - 464924205 _____ C:\Users\david\Downloads\Hráči.se.smrtí-flatliners-2017.1080p.DTS.EN.AC3.5.1.CZ.mkv
2018-01-21 15:53 - 2018-01-21 16:06 - 1317470208 _____ C:\Users\david\Downloads\Vymítání Molly Hartleyové 2015 Cz dab..avi
2018-01-21 15:50 - 2018-01-22 22:02 - 000000000 ____D C:\Users\david\Downloads\Thor.Ragnarok.2017.1080p.WEB-DL.DD5.1.H264-FGT
2018-01-17 07:29 - 2018-01-17 07:29 - 000088371 _____ C:\Users\david\Downloads\Spizoo.17.09.18.Arya.Fae.Blake.Morgan.And.Saya.Song.Arya.Fae.Is.Your.Stripper.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-17 07:24 - 2018-01-17 07:22 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-01-17 07:14 - 2018-01-17 07:14 - 000095730 _____ C:\Users\david\Downloads\HotAndMean.18.01.17.Luna.Lain.And.Raven.Hart.Good.Taste.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-17 06:54 - 2018-01-17 06:54 - 000000000 ____D C:\Users\david\AppData\LocalLow\Oracle
2018-01-14 18:22 - 2018-01-14 18:22 - 000112245 _____ C:\Users\david\Downloads\HotAndMean.18.01.09.Ariella.Ferrera.And.Reagan.Foxx.Harder.Faster.MILFier.XXX.1080p.MP4-KTR-[rarbg.to].torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 17:59 - 2017-12-28 12:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-11 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-11 15:28 - 2016-12-01 03:29 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-11 15:26 - 2017-06-29 15:55 - 000000000 ___RD C:\Users\david\OneDrive
2018-02-11 14:41 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-11 14:08 - 2017-10-29 13:20 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-11 14:06 - 2017-12-28 12:51 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
2018-02-11 14:05 - 2017-12-28 12:27 - 000000000 ____D C:\Users\david
2018-02-11 14:05 - 2017-06-29 15:50 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles
2018-02-11 14:03 - 2017-12-28 12:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-11 12:58 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-11 11:49 - 2017-06-29 15:52 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA Corporation
2018-02-10 23:20 - 2017-06-29 18:37 - 000000000 ____D C:\Users\david\AppData\Local\CrashDumps
2018-02-10 23:18 - 2017-12-28 12:45 - 001927310 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 23:18 - 2017-09-30 15:31 - 000830072 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-10 23:18 - 2017-09-30 15:31 - 000173820 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-10 23:16 - 2017-07-09 21:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-10 23:14 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-10 23:14 - 2017-07-09 21:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-10 23:14 - 2017-07-03 18:18 - 000000000 ____D C:\Users\david\AppData\Roaming\NVIDIA
2018-02-10 23:14 - 2016-12-01 03:29 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-10 23:04 - 2017-06-29 15:51 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA
2018-02-10 22:56 - 2017-07-02 08:49 - 000000000 ____D C:\Program Files\Java
2018-02-10 22:56 - 2017-07-02 08:48 - 000000000 ____D C:\ProgramData\Oracle
2018-02-10 22:56 - 2017-07-02 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-10 22:55 - 2017-07-02 08:48 - 000000000 ____D C:\Program Files (x86)\Java
2018-02-10 22:54 - 2017-07-02 08:48 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-02-10 22:42 - 2017-08-06 13:45 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2018-02-10 21:57 - 2017-07-01 14:25 - 000000000 ____D C:\Games
2018-02-10 21:38 - 2017-06-29 19:02 - 000000000 ____D C:\Users\david\AppData\Roaming\uTorrent
2018-02-10 16:52 - 2018-01-07 21:03 - 000005264 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-NKMN7808-david LAPTOP-NKMN7808
2018-02-10 15:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-10 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-10 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-09 15:28 - 2017-12-28 12:51 - 000004666 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-09 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-09 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-09 15:28 - 2017-06-29 18:07 - 000000000 ____D C:\Program Files\Opera
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 17:49 - 2017-07-01 14:30 - 000000000 ____D C:\Users\david\AppData\Roaming\vlc
2018-02-04 22:30 - 2017-06-29 19:02 - 000000999 _____ C:\Users\david\Desktop\µTorrent.lnk
2018-02-04 10:53 - 2017-12-28 12:28 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2018-02-03 11:39 - 2017-11-14 09:55 - 000000000 ____D C:\Users\david\Desktop\Nová složka (2)
2018-01-28 00:15 - 2017-12-29 21:32 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2018-01-27 15:11 - 2017-12-28 12:51 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2059283851-2947840002-3319665459-1001
2018-01-27 15:11 - 2017-06-29 15:55 - 000002395 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-26 00:32 - 2017-12-28 12:51 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1498756043
2018-01-25 21:12 - 2017-06-29 20:05 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 01:23 - 2017-06-29 18:37 - 000187704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-01-24 01:23 - 2017-06-29 18:37 - 000152976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-01-24 01:23 - 2017-06-29 15:40 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-24 01:23 - 2017-01-17 04:50 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-24 01:23 - 2017-01-17 00:37 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-23 23:57 - 2017-07-09 21:17 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-22 06:46 - 2017-07-09 21:17 - 007947791 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-13 22:54 - 2017-06-29 16:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-13 22:44 - 2017-10-10 19:44 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-13 22:44 - 2017-06-29 16:49 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\david\Desktop" je 16430 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2018 02
Ran by david (administrator) on LAPTOP-NKMN7808 (11-02-2018 18:06:17)
Running from C:\Users\david\Desktop
Loaded Profiles: david (Available Profiles: david)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(forum.viry.cz) C:\Users\david\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\MountPoints2: {6b8a8a14-b76d-11e6-9d9a-806e6f6e6963} - "D:\autorun.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{02beaa11-2dfd-40b3-b3c2-6faff1e40937}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{99074bd5-a45e-4796-9ac4-9671c29f7bff}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2059283851-2947840002-3319665459-1001 -> DefaultScope {15FFE0B1-8382-4AD9-9C9B-2525969C3FD5} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-10] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-10] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26592 2016-03-04] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-17] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-22] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-22] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [183896 2016-03-24] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-09-13] (Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_fa38828e445984f5\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30280 2018-01-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-09-13] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-22] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-22] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 18:05 - 2018-02-11 18:05 - 000038848 _____ C:\Users\david\Desktop\FRST3.txt
2018-02-11 18:02 - 2018-02-11 18:06 - 000014574 _____ C:\Users\david\Desktop\FRST.txt
2018-02-11 18:00 - 2018-02-11 18:06 - 000000000 ____D C:\FRST
2018-02-11 18:00 - 2018-02-11 18:00 - 002404864 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2018-02-11 18:00 - 2018-02-11 18:00 - 000112640 _____ (forum.viry.cz) C:\Users\david\Desktop\FRSTLauncher.exe
2018-02-11 14:03 - 2018-02-11 14:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-11 12:56 - 2018-02-11 13:04 - 000000000 ____D C:\AdwCleaner
2018-02-11 12:54 - 2018-02-11 12:54 - 008222496 _____ (Malwarebytes) C:\Users\david\Desktop\adwcleaner_7.0.8.0.exe
2018-02-11 12:33 - 2018-02-11 12:33 - 001222144 _____ C:\Users\david\Downloads\RSITx64.exe
2018-02-11 12:33 - 2018-02-11 12:33 - 000000000 ____D C:\rsit
2018-02-11 12:33 - 2018-02-11 12:33 - 000000000 ____D C:\Program Files\trend micro
2018-02-11 12:29 - 2018-02-11 12:30 - 012259160 _____ (Microsoft Corporation) C:\Users\david\Downloads\MSEInstall.exe
2018-02-11 12:09 - 2018-02-11 12:10 - 021750910 _____ C:\Users\david\Downloads\WickedWhims 3.2.4.122e - 10 February 2018.zip
2018-02-10 23:16 - 2018-02-10 23:16 - 000000000 ____D C:\Users\david\ansel
2018-02-10 23:14 - 2018-02-10 23:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-10 23:14 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-02-10 23:14 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-02-10 23:14 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-02-10 23:14 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-02-10 23:12 - 2018-02-10 23:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-02-10 23:09 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-02-10 23:03 - 2018-02-10 23:03 - 000000000 ____D C:\NVIDIA
2018-02-10 23:02 - 2018-02-10 23:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:14 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-10 23:02 - 2018-01-24 01:23 - 002424904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-02-10 23:02 - 2018-01-24 01:23 - 002090056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-02-10 23:02 - 2018-01-24 01:23 - 001309256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-10 23:01 - 2018-02-10 23:14 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-01-24 01:23 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-02-10 23:01 - 2018-01-24 01:23 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-10 22:57 - 2018-02-10 23:01 - 452923096 _____ (NVIDIA Corporation) C:\Users\david\Downloads\390.77-notebook-win10-64bit-international-whql.exe
2018-02-10 22:54 - 2018-02-10 22:55 - 084046192 _____ (NVIDIA Corporation) C:\Users\david\Downloads\GeForce_Experience_v3.12.0.84.exe
2018-02-10 22:51 - 2018-02-10 22:51 - 001861696 _____ (Oracle Corporation) C:\Users\david\Downloads\JavaSetup8u161.exe
2018-02-10 22:50 - 2018-02-10 22:50 - 004182688 _____ (Husdawg, LLC) C:\Users\david\Downloads\Detection.exe
2018-02-10 22:44 - 2018-02-10 22:44 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Electronic Arts
2018-02-10 22:42 - 2018-02-10 22:42 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-02-10 21:57 - 2018-02-10 21:57 - 000001571 _____ C:\Users\Public\Desktop\The Sims 4 x64.lnk
2018-02-10 21:57 - 2018-02-10 21:57 - 000001551 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2018-02-10 21:38 - 2018-02-04 17:01 - 000000000 ____D C:\Users\david\Desktop\The Sims 4 Tommy Full Repack CZ
2018-02-10 20:08 - 2018-02-10 21:30 - 3555720583 _____ C:\Users\david\Downloads\The Sims 4 Tommy Full Repack CZ.rar
2018-02-10 20:08 - 2018-02-10 20:08 - 000099360 _____ C:\Users\david\Downloads\[CzT]The_Sims_4_v_1_39_DLC_doplnky_2018_.torrent
2018-02-10 17:35 - 2018-02-10 17:39 - 000000000 ____D C:\Users\david\Downloads\Vražda v Orient expresu 2017 Cz dab
2018-02-10 17:33 - 2018-02-10 17:33 - 000014790 _____ C:\Users\david\Downloads\[CzT]Vrazda_v_Orient_expresu_Murder_on_the_Orient_Express_2017_CZ_.torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000020250 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_On_The_Train_2016_CZ_ (1).torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000017650 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_On_The_Train_2016_CZ_.torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000000000 ____D C:\Users\david\Downloads\The.Girl.on.the.Train.2016.BDRip.XviD.CZ
2018-02-05 21:43 - 2018-02-05 21:43 - 000043839 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_on_the_Train_2016_CZ_EN_720pHD_.torrent
2018-02-05 21:41 - 2018-02-05 21:41 - 000034387 _____ C:\Users\david\Downloads\[CzT]Fakju_pane_uciteli_Fack_ju_Gohte_2013_CZ_DE_720pHD_.torrent
2018-02-05 21:41 - 2018-02-05 21:41 - 000018244 _____ C:\Users\david\Downloads\[CzT]Fakju_pane_uciteli_Fack_ju_Gohte_2013_CZ_.torrent
2018-02-05 21:24 - 2018-02-05 21:38 - 1911045812 _____ C:\Users\david\Downloads\Let číslo 93 (2006) CZ .avi
2018-02-05 21:24 - 2018-02-05 21:24 - 000018712 _____ C:\Users\david\Downloads\[CzT]Let_cislo_93_United_93_2006_CZ_.torrent
2018-02-05 17:49 - 2018-02-05 17:49 - 000466452 _____ C:\Users\david\Downloads\27731363_2031296717117749_4982644096129564672_n.mp4
2018-02-05 17:20 - 2018-02-05 17:20 - 000060974 _____ C:\Users\david\Downloads\obchodni-podminky.pdf
2018-02-05 16:22 - 2018-02-05 16:26 - 000000000 ____D C:\Users\david\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2018-02-05 16:22 - 2018-02-05 16:22 - 000013058 _____ C:\Users\david\Downloads\[CzT]Deepwater_Horizon_More_v_plamenech_Deepwater_Horizon_2016_CZ_.torrent
2018-02-05 16:21 - 2018-02-05 16:21 - 000032160 _____ C:\Users\david\Downloads\[CzT]Deepwater_Horizon_More_v_plamenech_Deepwater_Horizon_2016_CZ_EN_720pHD_.torrent
2018-02-04 23:20 - 2018-02-04 23:21 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Assassin's Creed Origins
2018-02-04 23:20 - 2018-02-04 23:20 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\CPY_SAVES
2018-02-04 23:18 - 2018-02-04 23:18 - 000001319 _____ C:\Users\Public\Desktop\Assassin's Creed Origins.lnk
2018-02-04 23:18 - 2018-02-04 23:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2018-02-04 22:27 - 2018-02-04 22:27 - 000040734 _____ C:\Users\david\Downloads\[CzT]Den_patriotu_Patriots_Day_2016_CZ_720pHD_ (1).torrent
2018-02-04 21:49 - 2018-02-04 23:19 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed Origins
2018-02-04 11:18 - 2018-02-04 11:25 - 1406691328 _____ C:\Users\david\Downloads\The.Voices.2014.BDRip.XViD.CZ-S1LV3R.avi
2018-02-04 11:17 - 2018-02-04 11:17 - 000057753 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_EN_1080pHD_.torrent
2018-02-04 11:17 - 2018-02-04 11:17 - 000013904 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_.torrent
2018-02-04 11:15 - 2018-02-04 11:15 - 000025057 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_EN_720pHD_.torrent
2018-02-04 11:15 - 2018-02-04 11:15 - 000000000 ____D C:\Users\david\Downloads\The.Voices.2014.720p.BluRay.x264.AC3.CZ-Worm
2018-02-03 23:46 - 2018-02-04 20:06 - 3275061248 _____ C:\Users\david\Downloads\cpy-aco.iso
2018-02-03 17:53 - 2018-02-03 17:53 - 004510184 _____ C:\Users\david\Downloads\[CzT]Assassin_s_Creed_Origins_2017_CZ_.torrent
2018-02-03 17:37 - 2018-02-03 17:48 - 3559090737 _____ C:\Users\david\Downloads\The Sims 4 MEGA pack 2018.rar
2018-02-03 17:37 - 2018-02-03 17:37 - 000017452 _____ C:\Users\david\Downloads\[CzT]The_Sims_4_Mod_2018_.torrent
2018-02-03 16:36 - 2018-02-03 16:36 - 000602578 _____ C:\Users\david\Downloads\stahování.html
2018-02-03 12:20 - 2018-02-03 20:31 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-03 08:30 - 2018-02-03 10:38 - 392918270 _____ C:\Users\david\Downloads\XStoryPl 3.5.rar
2018-01-27 15:30 - 2018-01-27 15:30 - 000149756 _____ C:\Users\david\Downloads\Unemployment.pdf
2018-01-27 15:17 - 2018-02-04 20:39 - 000000000 ____D C:\Users\david\Desktop\skola
2018-01-27 15:11 - 2018-01-27 15:11 - 000000000 ___HD C:\OneDriveTemp
2018-01-25 22:19 - 2018-01-25 23:38 - 4143132382 _____ C:\Users\david\Downloads\Den patriotů Patriots Day (2016)(CZ)[720pHD].mkv
2018-01-25 22:18 - 2018-01-25 22:18 - 000040734 _____ C:\Users\david\Downloads\[CzT]Den_patriotu_Patriots_Day_2016_CZ_720pHD_.torrent
2018-01-25 21:34 - 2018-01-25 21:34 - 000141093 _____ C:\Users\david\Downloads\HotAndMean.18.01.25.Evelin.Stone.And.Sloan.Harper.Youll.Never.Be.Cool.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-23 12:47 - 2018-01-23 12:47 - 000111855 _____ C:\Users\david\Downloads\8thStreetLatinas.18.01.17.Gina.Valentina.And.Victoria.June.Hooker.On.The.Run.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-22 21:32 - 2018-01-22 21:36 - 000000000 ____D C:\Users\david\Downloads\Thor.Ragnarok.2017
2018-01-22 21:12 - 2018-01-22 21:12 - 000000000 ____D C:\Users\david\Downloads\Hráči se smrtí (1990)
2018-01-21 22:18 - 2018-01-21 22:18 - 000042570 _____ C:\Users\david\Downloads\4231-_quiksta_mc_ifx2_tm_61656.fmf
2018-01-21 22:13 - 2018-01-21 22:13 - 000042254 _____ C:\Users\david\Downloads\Luoni 2.fmf
2018-01-21 21:03 - 2018-01-21 21:03 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Vlastní šablony Office
2018-01-21 20:37 - 2018-01-21 20:37 - 000000000 _____ C:\Users\david\Desktop\~WRL0002.tmp
2018-01-21 15:56 - 2018-01-21 16:37 - 000000000 ____D C:\Users\david\Downloads\Jigsaw.2017.NORDiC.1080p.BluRay.x264-COALiTiON
2018-01-21 15:54 - 2018-01-21 20:29 - 464924205 _____ C:\Users\david\Downloads\Hráči.se.smrtí-flatliners-2017.1080p.DTS.EN.AC3.5.1.CZ.mkv
2018-01-21 15:53 - 2018-01-21 16:06 - 1317470208 _____ C:\Users\david\Downloads\Vymítání Molly Hartleyové 2015 Cz dab..avi
2018-01-21 15:50 - 2018-01-22 22:02 - 000000000 ____D C:\Users\david\Downloads\Thor.Ragnarok.2017.1080p.WEB-DL.DD5.1.H264-FGT
2018-01-17 07:29 - 2018-01-17 07:29 - 000088371 _____ C:\Users\david\Downloads\Spizoo.17.09.18.Arya.Fae.Blake.Morgan.And.Saya.Song.Arya.Fae.Is.Your.Stripper.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-17 07:24 - 2018-01-17 07:22 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-01-17 07:14 - 2018-01-17 07:14 - 000095730 _____ C:\Users\david\Downloads\HotAndMean.18.01.17.Luna.Lain.And.Raven.Hart.Good.Taste.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-17 06:54 - 2018-01-17 06:54 - 000000000 ____D C:\Users\david\AppData\LocalLow\Oracle
2018-01-14 18:22 - 2018-01-14 18:22 - 000112245 _____ C:\Users\david\Downloads\HotAndMean.18.01.09.Ariella.Ferrera.And.Reagan.Foxx.Harder.Faster.MILFier.XXX.1080p.MP4-KTR-[rarbg.to].torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 17:59 - 2017-12-28 12:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-11 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-11 15:28 - 2016-12-01 03:29 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-11 15:26 - 2017-06-29 15:55 - 000000000 ___RD C:\Users\david\OneDrive
2018-02-11 14:41 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-11 14:08 - 2017-10-29 13:20 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-11 14:06 - 2017-12-28 12:51 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
2018-02-11 14:05 - 2017-12-28 12:27 - 000000000 ____D C:\Users\david
2018-02-11 14:05 - 2017-06-29 15:50 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles
2018-02-11 14:03 - 2017-12-28 12:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-11 12:58 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-11 11:49 - 2017-06-29 15:52 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA Corporation
2018-02-10 23:20 - 2017-06-29 18:37 - 000000000 ____D C:\Users\david\AppData\Local\CrashDumps
2018-02-10 23:18 - 2017-12-28 12:45 - 001927310 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 23:18 - 2017-09-30 15:31 - 000830072 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-10 23:18 - 2017-09-30 15:31 - 000173820 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-10 23:16 - 2017-07-09 21:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-10 23:14 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-10 23:14 - 2017-07-09 21:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-10 23:14 - 2017-07-03 18:18 - 000000000 ____D C:\Users\david\AppData\Roaming\NVIDIA
2018-02-10 23:14 - 2016-12-01 03:29 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-10 23:04 - 2017-06-29 15:51 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA
2018-02-10 22:56 - 2017-07-02 08:49 - 000000000 ____D C:\Program Files\Java
2018-02-10 22:56 - 2017-07-02 08:48 - 000000000 ____D C:\ProgramData\Oracle
2018-02-10 22:56 - 2017-07-02 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-10 22:55 - 2017-07-02 08:48 - 000000000 ____D C:\Program Files (x86)\Java
2018-02-10 22:54 - 2017-07-02 08:48 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-02-10 22:42 - 2017-08-06 13:45 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2018-02-10 21:57 - 2017-07-01 14:25 - 000000000 ____D C:\Games
2018-02-10 21:38 - 2017-06-29 19:02 - 000000000 ____D C:\Users\david\AppData\Roaming\uTorrent
2018-02-10 16:52 - 2018-01-07 21:03 - 000005264 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-NKMN7808-david LAPTOP-NKMN7808
2018-02-10 15:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-10 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-10 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-09 15:28 - 2017-12-28 12:51 - 000004666 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-09 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-09 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-09 15:28 - 2017-06-29 18:07 - 000000000 ____D C:\Program Files\Opera
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 17:49 - 2017-07-01 14:30 - 000000000 ____D C:\Users\david\AppData\Roaming\vlc
2018-02-04 22:30 - 2017-06-29 19:02 - 000000999 _____ C:\Users\david\Desktop\µTorrent.lnk
2018-02-04 10:53 - 2017-12-28 12:28 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2018-02-03 11:39 - 2017-11-14 09:55 - 000000000 ____D C:\Users\david\Desktop\Nová složka (2)
2018-01-28 00:15 - 2017-12-29 21:32 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2018-01-27 15:11 - 2017-12-28 12:51 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2059283851-2947840002-3319665459-1001
2018-01-27 15:11 - 2017-06-29 15:55 - 000002395 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-26 00:32 - 2017-12-28 12:51 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1498756043
2018-01-25 21:12 - 2017-06-29 20:05 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 01:23 - 2017-06-29 18:37 - 000187704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-01-24 01:23 - 2017-06-29 18:37 - 000152976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-01-24 01:23 - 2017-06-29 15:40 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-24 01:23 - 2017-01-17 04:50 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-24 01:23 - 2017-01-17 00:37 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-23 23:57 - 2017-07-09 21:17 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-22 06:46 - 2017-07-09 21:17 - 007947791 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-13 22:54 - 2017-06-29 16:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-13 22:44 - 2017-10-10 19:44 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-13 22:44 - 2017-06-29 16:49 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-10 16:50
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:258.84 GB) NTFS
Drive d: (FS17PE) (CDROM) (Total:6.54 GB) (Free:0 GB) UDF
\\?\Volume{fb8b54ae-6c2e-401e-ae5e-9978ab06641a}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{6bc73e67-53e6-4c91-b80a-60f732357fbc}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
Available physical RAM: 5285.26 MB
Total physical RAM: 8060.22 MB
Percentage of memory in use: 34%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 46B6C0FA)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\david\Desktop" je 16431 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Ran by david (administrator) on LAPTOP-NKMN7808 (11-02-2018 18:02:50)
Running from C:\Users\david\Desktop
Loaded Profiles: david (Available Profiles: david)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(forum.viry.cz) C:\Users\david\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\MountPoints2: {6b8a8a14-b76d-11e6-9d9a-806e6f6e6963} - "D:\autorun.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{02beaa11-2dfd-40b3-b3c2-6faff1e40937}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{99074bd5-a45e-4796-9ac4-9671c29f7bff}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2059283851-2947840002-3319665459-1001 -> DefaultScope {15FFE0B1-8382-4AD9-9C9B-2525969C3FD5} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-10] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-10] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26592 2016-03-04] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-17] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-22] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-22] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [183896 2016-03-24] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-09-13] (Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_fa38828e445984f5\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30280 2018-01-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-09-13] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-22] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-22] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 18:02 - 2018-02-11 18:03 - 000014766 _____ C:\Users\david\Desktop\FRST.txt
2018-02-11 18:00 - 2018-02-11 18:02 - 000000000 ____D C:\FRST
2018-02-11 18:00 - 2018-02-11 18:00 - 002404864 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2018-02-11 18:00 - 2018-02-11 18:00 - 000112640 _____ (forum.viry.cz) C:\Users\david\Desktop\FRSTLauncher.exe
2018-02-11 14:03 - 2018-02-11 14:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-11 12:56 - 2018-02-11 13:04 - 000000000 ____D C:\AdwCleaner
2018-02-11 12:54 - 2018-02-11 12:54 - 008222496 _____ (Malwarebytes) C:\Users\david\Desktop\adwcleaner_7.0.8.0.exe
2018-02-11 12:33 - 2018-02-11 12:33 - 001222144 _____ C:\Users\david\Downloads\RSITx64.exe
2018-02-11 12:33 - 2018-02-11 12:33 - 000000000 ____D C:\rsit
2018-02-11 12:33 - 2018-02-11 12:33 - 000000000 ____D C:\Program Files\trend micro
2018-02-11 12:29 - 2018-02-11 12:30 - 012259160 _____ (Microsoft Corporation) C:\Users\david\Downloads\MSEInstall.exe
2018-02-11 12:09 - 2018-02-11 12:10 - 021750910 _____ C:\Users\david\Downloads\WickedWhims 3.2.4.122e - 10 February 2018.zip
2018-02-10 23:16 - 2018-02-10 23:16 - 000000000 ____D C:\Users\david\ansel
2018-02-10 23:14 - 2018-02-10 23:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-10 23:14 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-02-10 23:14 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-02-10 23:14 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-02-10 23:14 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-02-10 23:12 - 2018-02-10 23:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-02-10 23:09 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-02-10 23:03 - 2018-02-10 23:03 - 000000000 ____D C:\NVIDIA
2018-02-10 23:02 - 2018-02-10 23:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:14 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-10 23:02 - 2018-01-24 01:23 - 002424904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-02-10 23:02 - 2018-01-24 01:23 - 002090056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-02-10 23:02 - 2018-01-24 01:23 - 001309256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-10 23:01 - 2018-02-10 23:14 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-01-24 01:23 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-02-10 23:01 - 2018-01-24 01:23 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-10 22:57 - 2018-02-10 23:01 - 452923096 _____ (NVIDIA Corporation) C:\Users\david\Downloads\390.77-notebook-win10-64bit-international-whql.exe
2018-02-10 22:54 - 2018-02-10 22:55 - 084046192 _____ (NVIDIA Corporation) C:\Users\david\Downloads\GeForce_Experience_v3.12.0.84.exe
2018-02-10 22:51 - 2018-02-10 22:51 - 001861696 _____ (Oracle Corporation) C:\Users\david\Downloads\JavaSetup8u161.exe
2018-02-10 22:50 - 2018-02-10 22:50 - 004182688 _____ (Husdawg, LLC) C:\Users\david\Downloads\Detection.exe
2018-02-10 22:44 - 2018-02-10 22:44 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Electronic Arts
2018-02-10 22:42 - 2018-02-10 22:42 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-02-10 21:57 - 2018-02-10 21:57 - 000001571 _____ C:\Users\Public\Desktop\The Sims 4 x64.lnk
2018-02-10 21:57 - 2018-02-10 21:57 - 000001551 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2018-02-10 21:38 - 2018-02-04 17:01 - 000000000 ____D C:\Users\david\Desktop\The Sims 4 Tommy Full Repack CZ
2018-02-10 20:08 - 2018-02-10 21:30 - 3555720583 _____ C:\Users\david\Downloads\The Sims 4 Tommy Full Repack CZ.rar
2018-02-10 20:08 - 2018-02-10 20:08 - 000099360 _____ C:\Users\david\Downloads\[CzT]The_Sims_4_v_1_39_DLC_doplnky_2018_.torrent
2018-02-10 17:35 - 2018-02-10 17:39 - 000000000 ____D C:\Users\david\Downloads\Vražda v Orient expresu 2017 Cz dab
2018-02-10 17:33 - 2018-02-10 17:33 - 000014790 _____ C:\Users\david\Downloads\[CzT]Vrazda_v_Orient_expresu_Murder_on_the_Orient_Express_2017_CZ_.torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000020250 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_On_The_Train_2016_CZ_ (1).torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000017650 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_On_The_Train_2016_CZ_.torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000000000 ____D C:\Users\david\Downloads\The.Girl.on.the.Train.2016.BDRip.XviD.CZ
2018-02-05 21:43 - 2018-02-05 21:43 - 000043839 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_on_the_Train_2016_CZ_EN_720pHD_.torrent
2018-02-05 21:41 - 2018-02-05 21:41 - 000034387 _____ C:\Users\david\Downloads\[CzT]Fakju_pane_uciteli_Fack_ju_Gohte_2013_CZ_DE_720pHD_.torrent
2018-02-05 21:41 - 2018-02-05 21:41 - 000018244 _____ C:\Users\david\Downloads\[CzT]Fakju_pane_uciteli_Fack_ju_Gohte_2013_CZ_.torrent
2018-02-05 21:24 - 2018-02-05 21:38 - 1911045812 _____ C:\Users\david\Downloads\Let číslo 93 (2006) CZ .avi
2018-02-05 21:24 - 2018-02-05 21:24 - 000018712 _____ C:\Users\david\Downloads\[CzT]Let_cislo_93_United_93_2006_CZ_.torrent
2018-02-05 17:49 - 2018-02-05 17:49 - 000466452 _____ C:\Users\david\Downloads\27731363_2031296717117749_4982644096129564672_n.mp4
2018-02-05 17:20 - 2018-02-05 17:20 - 000060974 _____ C:\Users\david\Downloads\obchodni-podminky.pdf
2018-02-05 16:22 - 2018-02-05 16:26 - 000000000 ____D C:\Users\david\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2018-02-05 16:22 - 2018-02-05 16:22 - 000013058 _____ C:\Users\david\Downloads\[CzT]Deepwater_Horizon_More_v_plamenech_Deepwater_Horizon_2016_CZ_.torrent
2018-02-05 16:21 - 2018-02-05 16:21 - 000032160 _____ C:\Users\david\Downloads\[CzT]Deepwater_Horizon_More_v_plamenech_Deepwater_Horizon_2016_CZ_EN_720pHD_.torrent
2018-02-04 23:20 - 2018-02-04 23:21 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Assassin's Creed Origins
2018-02-04 23:20 - 2018-02-04 23:20 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\CPY_SAVES
2018-02-04 23:18 - 2018-02-04 23:18 - 000001319 _____ C:\Users\Public\Desktop\Assassin's Creed Origins.lnk
2018-02-04 23:18 - 2018-02-04 23:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2018-02-04 22:27 - 2018-02-04 22:27 - 000040734 _____ C:\Users\david\Downloads\[CzT]Den_patriotu_Patriots_Day_2016_CZ_720pHD_ (1).torrent
2018-02-04 21:49 - 2018-02-04 23:19 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed Origins
2018-02-04 11:18 - 2018-02-04 11:25 - 1406691328 _____ C:\Users\david\Downloads\The.Voices.2014.BDRip.XViD.CZ-S1LV3R.avi
2018-02-04 11:17 - 2018-02-04 11:17 - 000057753 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_EN_1080pHD_.torrent
2018-02-04 11:17 - 2018-02-04 11:17 - 000013904 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_.torrent
2018-02-04 11:15 - 2018-02-04 11:15 - 000025057 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_EN_720pHD_.torrent
2018-02-04 11:15 - 2018-02-04 11:15 - 000000000 ____D C:\Users\david\Downloads\The.Voices.2014.720p.BluRay.x264.AC3.CZ-Worm
2018-02-03 23:46 - 2018-02-04 20:06 - 3275061248 _____ C:\Users\david\Downloads\cpy-aco.iso
2018-02-03 17:53 - 2018-02-03 17:53 - 004510184 _____ C:\Users\david\Downloads\[CzT]Assassin_s_Creed_Origins_2017_CZ_.torrent
2018-02-03 17:37 - 2018-02-03 17:48 - 3559090737 _____ C:\Users\david\Downloads\The Sims 4 MEGA pack 2018.rar
2018-02-03 17:37 - 2018-02-03 17:37 - 000017452 _____ C:\Users\david\Downloads\[CzT]The_Sims_4_Mod_2018_.torrent
2018-02-03 16:36 - 2018-02-03 16:36 - 000602578 _____ C:\Users\david\Downloads\stahování.html
2018-02-03 12:20 - 2018-02-03 20:31 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-03 08:30 - 2018-02-03 10:38 - 392918270 _____ C:\Users\david\Downloads\XStoryPl 3.5.rar
2018-01-27 15:30 - 2018-01-27 15:30 - 000149756 _____ C:\Users\david\Downloads\Unemployment.pdf
2018-01-27 15:17 - 2018-02-04 20:39 - 000000000 ____D C:\Users\david\Desktop\skola
2018-01-27 15:11 - 2018-01-27 15:11 - 000000000 ___HD C:\OneDriveTemp
2018-01-25 22:19 - 2018-01-25 23:38 - 4143132382 _____ C:\Users\david\Downloads\Den patriotů Patriots Day (2016)(CZ)[720pHD].mkv
2018-01-25 22:18 - 2018-01-25 22:18 - 000040734 _____ C:\Users\david\Downloads\[CzT]Den_patriotu_Patriots_Day_2016_CZ_720pHD_.torrent
2018-01-25 21:34 - 2018-01-25 21:34 - 000141093 _____ C:\Users\david\Downloads\HotAndMean.18.01.25.Evelin.Stone.And.Sloan.Harper.Youll.Never.Be.Cool.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-23 12:47 - 2018-01-23 12:47 - 000111855 _____ C:\Users\david\Downloads\8thStreetLatinas.18.01.17.Gina.Valentina.And.Victoria.June.Hooker.On.The.Run.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-22 21:32 - 2018-01-22 21:36 - 000000000 ____D C:\Users\david\Downloads\Thor.Ragnarok.2017
2018-01-22 21:12 - 2018-01-22 21:12 - 000000000 ____D C:\Users\david\Downloads\Hráči se smrtí (1990)
2018-01-21 22:18 - 2018-01-21 22:18 - 000042570 _____ C:\Users\david\Downloads\4231-_quiksta_mc_ifx2_tm_61656.fmf
2018-01-21 22:13 - 2018-01-21 22:13 - 000042254 _____ C:\Users\david\Downloads\Luoni 2.fmf
2018-01-21 21:03 - 2018-01-21 21:03 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Vlastní šablony Office
2018-01-21 20:37 - 2018-01-21 20:37 - 000000000 _____ C:\Users\david\Desktop\~WRL0002.tmp
2018-01-21 15:56 - 2018-01-21 16:37 - 000000000 ____D C:\Users\david\Downloads\Jigsaw.2017.NORDiC.1080p.BluRay.x264-COALiTiON
2018-01-21 15:54 - 2018-01-21 20:29 - 464924205 _____ C:\Users\david\Downloads\Hráči.se.smrtí-flatliners-2017.1080p.DTS.EN.AC3.5.1.CZ.mkv
2018-01-21 15:53 - 2018-01-21 16:06 - 1317470208 _____ C:\Users\david\Downloads\Vymítání Molly Hartleyové 2015 Cz dab..avi
2018-01-21 15:50 - 2018-01-22 22:02 - 000000000 ____D C:\Users\david\Downloads\Thor.Ragnarok.2017.1080p.WEB-DL.DD5.1.H264-FGT
2018-01-17 07:29 - 2018-01-17 07:29 - 000088371 _____ C:\Users\david\Downloads\Spizoo.17.09.18.Arya.Fae.Blake.Morgan.And.Saya.Song.Arya.Fae.Is.Your.Stripper.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-17 07:24 - 2018-01-17 07:22 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-01-17 07:14 - 2018-01-17 07:14 - 000095730 _____ C:\Users\david\Downloads\HotAndMean.18.01.17.Luna.Lain.And.Raven.Hart.Good.Taste.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-17 06:54 - 2018-01-17 06:54 - 000000000 ____D C:\Users\david\AppData\LocalLow\Oracle
2018-01-14 18:22 - 2018-01-14 18:22 - 000112245 _____ C:\Users\david\Downloads\HotAndMean.18.01.09.Ariella.Ferrera.And.Reagan.Foxx.Harder.Faster.MILFier.XXX.1080p.MP4-KTR-[rarbg.to].torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 17:59 - 2017-12-28 12:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-11 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-11 15:28 - 2016-12-01 03:29 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-11 15:26 - 2017-06-29 15:55 - 000000000 ___RD C:\Users\david\OneDrive
2018-02-11 14:41 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-11 14:08 - 2017-10-29 13:20 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-11 14:06 - 2017-12-28 12:51 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
2018-02-11 14:05 - 2017-12-28 12:27 - 000000000 ____D C:\Users\david
2018-02-11 14:05 - 2017-06-29 15:50 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles
2018-02-11 14:03 - 2017-12-28 12:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-11 12:58 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-11 11:49 - 2017-06-29 15:52 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA Corporation
2018-02-10 23:20 - 2017-06-29 18:37 - 000000000 ____D C:\Users\david\AppData\Local\CrashDumps
2018-02-10 23:18 - 2017-12-28 12:45 - 001927310 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 23:18 - 2017-09-30 15:31 - 000830072 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-10 23:18 - 2017-09-30 15:31 - 000173820 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-10 23:16 - 2017-07-09 21:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-10 23:14 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-10 23:14 - 2017-07-09 21:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-10 23:14 - 2017-07-03 18:18 - 000000000 ____D C:\Users\david\AppData\Roaming\NVIDIA
2018-02-10 23:14 - 2016-12-01 03:29 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-10 23:04 - 2017-06-29 15:51 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA
2018-02-10 22:56 - 2017-07-02 08:49 - 000000000 ____D C:\Program Files\Java
2018-02-10 22:56 - 2017-07-02 08:48 - 000000000 ____D C:\ProgramData\Oracle
2018-02-10 22:56 - 2017-07-02 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-10 22:55 - 2017-07-02 08:48 - 000000000 ____D C:\Program Files (x86)\Java
2018-02-10 22:54 - 2017-07-02 08:48 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-02-10 22:42 - 2017-08-06 13:45 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2018-02-10 21:57 - 2017-07-01 14:25 - 000000000 ____D C:\Games
2018-02-10 21:38 - 2017-06-29 19:02 - 000000000 ____D C:\Users\david\AppData\Roaming\uTorrent
2018-02-10 16:52 - 2018-01-07 21:03 - 000005264 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-NKMN7808-david LAPTOP-NKMN7808
2018-02-10 15:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-10 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-10 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-09 15:28 - 2017-12-28 12:51 - 000004666 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-09 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-09 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-09 15:28 - 2017-06-29 18:07 - 000000000 ____D C:\Program Files\Opera
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 17:49 - 2017-07-01 14:30 - 000000000 ____D C:\Users\david\AppData\Roaming\vlc
2018-02-04 22:30 - 2017-06-29 19:02 - 000000999 _____ C:\Users\david\Desktop\µTorrent.lnk
2018-02-04 10:53 - 2017-12-28 12:28 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2018-02-03 11:39 - 2017-11-14 09:55 - 000000000 ____D C:\Users\david\Desktop\Nová složka (2)
2018-01-28 00:15 - 2017-12-29 21:32 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2018-01-27 15:11 - 2017-12-28 12:51 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2059283851-2947840002-3319665459-1001
2018-01-27 15:11 - 2017-06-29 15:55 - 000002395 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-26 00:32 - 2017-12-28 12:51 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1498756043
2018-01-25 21:12 - 2017-06-29 20:05 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 01:23 - 2017-06-29 18:37 - 000187704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-01-24 01:23 - 2017-06-29 18:37 - 000152976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-01-24 01:23 - 2017-06-29 15:40 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-24 01:23 - 2017-01-17 04:50 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-24 01:23 - 2017-01-17 00:37 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-23 23:57 - 2017-07-09 21:17 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-22 06:46 - 2017-07-09 21:17 - 007947791 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-13 22:54 - 2017-06-29 16:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-13 22:44 - 2017-10-10 19:44 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-13 22:44 - 2017-06-29 16:49 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\david\Desktop" je 16430 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2018 02
Ran by david (administrator) on LAPTOP-NKMN7808 (11-02-2018 18:06:17)
Running from C:\Users\david\Desktop
Loaded Profiles: david (Available Profiles: david)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(Opera Software) C:\Program Files\Opera\50.0.2762.67\opera.exe
(forum.viry.cz) C:\Users\david\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\MountPoints2: {6b8a8a14-b76d-11e6-9d9a-806e6f6e6963} - "D:\autorun.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{02beaa11-2dfd-40b3-b3c2-6faff1e40937}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{99074bd5-a45e-4796-9ac4-9671c29f7bff}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2059283851-2947840002-3319665459-1001 -> DefaultScope {15FFE0B1-8382-4AD9-9C9B-2525969C3FD5} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-10] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-10] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26592 2016-03-04] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-17] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-01-24] (NVIDIA Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI) [File not signed]
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-22] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-22] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [183896 2016-03-24] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-09-13] (Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_fa38828e445984f5\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30280 2018-01-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-09-13] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-22] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-22] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 18:05 - 2018-02-11 18:05 - 000038848 _____ C:\Users\david\Desktop\FRST3.txt
2018-02-11 18:02 - 2018-02-11 18:06 - 000014574 _____ C:\Users\david\Desktop\FRST.txt
2018-02-11 18:00 - 2018-02-11 18:06 - 000000000 ____D C:\FRST
2018-02-11 18:00 - 2018-02-11 18:00 - 002404864 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2018-02-11 18:00 - 2018-02-11 18:00 - 000112640 _____ (forum.viry.cz) C:\Users\david\Desktop\FRSTLauncher.exe
2018-02-11 14:03 - 2018-02-11 14:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-11 12:56 - 2018-02-11 13:04 - 000000000 ____D C:\AdwCleaner
2018-02-11 12:54 - 2018-02-11 12:54 - 008222496 _____ (Malwarebytes) C:\Users\david\Desktop\adwcleaner_7.0.8.0.exe
2018-02-11 12:33 - 2018-02-11 12:33 - 001222144 _____ C:\Users\david\Downloads\RSITx64.exe
2018-02-11 12:33 - 2018-02-11 12:33 - 000000000 ____D C:\rsit
2018-02-11 12:33 - 2018-02-11 12:33 - 000000000 ____D C:\Program Files\trend micro
2018-02-11 12:29 - 2018-02-11 12:30 - 012259160 _____ (Microsoft Corporation) C:\Users\david\Downloads\MSEInstall.exe
2018-02-11 12:09 - 2018-02-11 12:10 - 021750910 _____ C:\Users\david\Downloads\WickedWhims 3.2.4.122e - 10 February 2018.zip
2018-02-10 23:16 - 2018-02-10 23:16 - 000000000 ____D C:\Users\david\ansel
2018-02-10 23:14 - 2018-02-10 23:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-10 23:14 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-02-10 23:14 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-02-10 23:14 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-02-10 23:14 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-02-10 23:12 - 2018-02-10 23:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-02-10 23:09 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-10 23:09 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-02-10 23:03 - 2018-02-10 23:03 - 000000000 ____D C:\NVIDIA
2018-02-10 23:02 - 2018-02-10 23:15 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:15 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:14 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:02 - 2018-02-10 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-10 23:02 - 2018-01-24 01:23 - 002424904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-02-10 23:02 - 2018-01-24 01:23 - 002090056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-02-10 23:02 - 2018-01-24 01:23 - 001309256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-10 23:01 - 2018-02-10 23:14 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-02-10 23:14 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-10 23:01 - 2018-01-24 01:23 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-02-10 23:01 - 2018-01-24 01:23 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-10 22:57 - 2018-02-10 23:01 - 452923096 _____ (NVIDIA Corporation) C:\Users\david\Downloads\390.77-notebook-win10-64bit-international-whql.exe
2018-02-10 22:54 - 2018-02-10 22:55 - 084046192 _____ (NVIDIA Corporation) C:\Users\david\Downloads\GeForce_Experience_v3.12.0.84.exe
2018-02-10 22:51 - 2018-02-10 22:51 - 001861696 _____ (Oracle Corporation) C:\Users\david\Downloads\JavaSetup8u161.exe
2018-02-10 22:50 - 2018-02-10 22:50 - 004182688 _____ (Husdawg, LLC) C:\Users\david\Downloads\Detection.exe
2018-02-10 22:44 - 2018-02-10 22:44 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Electronic Arts
2018-02-10 22:42 - 2018-02-10 22:42 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-02-10 21:57 - 2018-02-10 21:57 - 000001571 _____ C:\Users\Public\Desktop\The Sims 4 x64.lnk
2018-02-10 21:57 - 2018-02-10 21:57 - 000001551 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2018-02-10 21:38 - 2018-02-04 17:01 - 000000000 ____D C:\Users\david\Desktop\The Sims 4 Tommy Full Repack CZ
2018-02-10 20:08 - 2018-02-10 21:30 - 3555720583 _____ C:\Users\david\Downloads\The Sims 4 Tommy Full Repack CZ.rar
2018-02-10 20:08 - 2018-02-10 20:08 - 000099360 _____ C:\Users\david\Downloads\[CzT]The_Sims_4_v_1_39_DLC_doplnky_2018_.torrent
2018-02-10 17:35 - 2018-02-10 17:39 - 000000000 ____D C:\Users\david\Downloads\Vražda v Orient expresu 2017 Cz dab
2018-02-10 17:33 - 2018-02-10 17:33 - 000014790 _____ C:\Users\david\Downloads\[CzT]Vrazda_v_Orient_expresu_Murder_on_the_Orient_Express_2017_CZ_.torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000020250 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_On_The_Train_2016_CZ_ (1).torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000017650 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_On_The_Train_2016_CZ_.torrent
2018-02-05 21:48 - 2018-02-05 21:48 - 000000000 ____D C:\Users\david\Downloads\The.Girl.on.the.Train.2016.BDRip.XviD.CZ
2018-02-05 21:43 - 2018-02-05 21:43 - 000043839 _____ C:\Users\david\Downloads\[CzT]Divka_ve_vlaku_The_Girl_on_the_Train_2016_CZ_EN_720pHD_.torrent
2018-02-05 21:41 - 2018-02-05 21:41 - 000034387 _____ C:\Users\david\Downloads\[CzT]Fakju_pane_uciteli_Fack_ju_Gohte_2013_CZ_DE_720pHD_.torrent
2018-02-05 21:41 - 2018-02-05 21:41 - 000018244 _____ C:\Users\david\Downloads\[CzT]Fakju_pane_uciteli_Fack_ju_Gohte_2013_CZ_.torrent
2018-02-05 21:24 - 2018-02-05 21:38 - 1911045812 _____ C:\Users\david\Downloads\Let číslo 93 (2006) CZ .avi
2018-02-05 21:24 - 2018-02-05 21:24 - 000018712 _____ C:\Users\david\Downloads\[CzT]Let_cislo_93_United_93_2006_CZ_.torrent
2018-02-05 17:49 - 2018-02-05 17:49 - 000466452 _____ C:\Users\david\Downloads\27731363_2031296717117749_4982644096129564672_n.mp4
2018-02-05 17:20 - 2018-02-05 17:20 - 000060974 _____ C:\Users\david\Downloads\obchodni-podminky.pdf
2018-02-05 16:22 - 2018-02-05 16:26 - 000000000 ____D C:\Users\david\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2018-02-05 16:22 - 2018-02-05 16:22 - 000013058 _____ C:\Users\david\Downloads\[CzT]Deepwater_Horizon_More_v_plamenech_Deepwater_Horizon_2016_CZ_.torrent
2018-02-05 16:21 - 2018-02-05 16:21 - 000032160 _____ C:\Users\david\Downloads\[CzT]Deepwater_Horizon_More_v_plamenech_Deepwater_Horizon_2016_CZ_EN_720pHD_.torrent
2018-02-04 23:20 - 2018-02-04 23:21 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Assassin's Creed Origins
2018-02-04 23:20 - 2018-02-04 23:20 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\CPY_SAVES
2018-02-04 23:18 - 2018-02-04 23:18 - 000001319 _____ C:\Users\Public\Desktop\Assassin's Creed Origins.lnk
2018-02-04 23:18 - 2018-02-04 23:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2018-02-04 22:27 - 2018-02-04 22:27 - 000040734 _____ C:\Users\david\Downloads\[CzT]Den_patriotu_Patriots_Day_2016_CZ_720pHD_ (1).torrent
2018-02-04 21:49 - 2018-02-04 23:19 - 000000000 ____D C:\Program Files (x86)\Assassin's Creed Origins
2018-02-04 11:18 - 2018-02-04 11:25 - 1406691328 _____ C:\Users\david\Downloads\The.Voices.2014.BDRip.XViD.CZ-S1LV3R.avi
2018-02-04 11:17 - 2018-02-04 11:17 - 000057753 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_EN_1080pHD_.torrent
2018-02-04 11:17 - 2018-02-04 11:17 - 000013904 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_.torrent
2018-02-04 11:15 - 2018-02-04 11:15 - 000025057 _____ C:\Users\david\Downloads\[CzT]Cesta_do_hlubin_magorovy_duse_The_Voices_2014_CZ_EN_720pHD_.torrent
2018-02-04 11:15 - 2018-02-04 11:15 - 000000000 ____D C:\Users\david\Downloads\The.Voices.2014.720p.BluRay.x264.AC3.CZ-Worm
2018-02-03 23:46 - 2018-02-04 20:06 - 3275061248 _____ C:\Users\david\Downloads\cpy-aco.iso
2018-02-03 17:53 - 2018-02-03 17:53 - 004510184 _____ C:\Users\david\Downloads\[CzT]Assassin_s_Creed_Origins_2017_CZ_.torrent
2018-02-03 17:37 - 2018-02-03 17:48 - 3559090737 _____ C:\Users\david\Downloads\The Sims 4 MEGA pack 2018.rar
2018-02-03 17:37 - 2018-02-03 17:37 - 000017452 _____ C:\Users\david\Downloads\[CzT]The_Sims_4_Mod_2018_.torrent
2018-02-03 16:36 - 2018-02-03 16:36 - 000602578 _____ C:\Users\david\Downloads\stahování.html
2018-02-03 12:20 - 2018-02-03 20:31 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-03 08:30 - 2018-02-03 10:38 - 392918270 _____ C:\Users\david\Downloads\XStoryPl 3.5.rar
2018-01-27 15:30 - 2018-01-27 15:30 - 000149756 _____ C:\Users\david\Downloads\Unemployment.pdf
2018-01-27 15:17 - 2018-02-04 20:39 - 000000000 ____D C:\Users\david\Desktop\skola
2018-01-27 15:11 - 2018-01-27 15:11 - 000000000 ___HD C:\OneDriveTemp
2018-01-25 22:19 - 2018-01-25 23:38 - 4143132382 _____ C:\Users\david\Downloads\Den patriotů Patriots Day (2016)(CZ)[720pHD].mkv
2018-01-25 22:18 - 2018-01-25 22:18 - 000040734 _____ C:\Users\david\Downloads\[CzT]Den_patriotu_Patriots_Day_2016_CZ_720pHD_.torrent
2018-01-25 21:34 - 2018-01-25 21:34 - 000141093 _____ C:\Users\david\Downloads\HotAndMean.18.01.25.Evelin.Stone.And.Sloan.Harper.Youll.Never.Be.Cool.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-23 12:47 - 2018-01-23 12:47 - 000111855 _____ C:\Users\david\Downloads\8thStreetLatinas.18.01.17.Gina.Valentina.And.Victoria.June.Hooker.On.The.Run.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-22 21:32 - 2018-01-22 21:36 - 000000000 ____D C:\Users\david\Downloads\Thor.Ragnarok.2017
2018-01-22 21:12 - 2018-01-22 21:12 - 000000000 ____D C:\Users\david\Downloads\Hráči se smrtí (1990)
2018-01-21 22:18 - 2018-01-21 22:18 - 000042570 _____ C:\Users\david\Downloads\4231-_quiksta_mc_ifx2_tm_61656.fmf
2018-01-21 22:13 - 2018-01-21 22:13 - 000042254 _____ C:\Users\david\Downloads\Luoni 2.fmf
2018-01-21 21:03 - 2018-01-21 21:03 - 000000000 ____D C:\Users\david\OneDrive\Dokumenty\Vlastní šablony Office
2018-01-21 20:37 - 2018-01-21 20:37 - 000000000 _____ C:\Users\david\Desktop\~WRL0002.tmp
2018-01-21 15:56 - 2018-01-21 16:37 - 000000000 ____D C:\Users\david\Downloads\Jigsaw.2017.NORDiC.1080p.BluRay.x264-COALiTiON
2018-01-21 15:54 - 2018-01-21 20:29 - 464924205 _____ C:\Users\david\Downloads\Hráči.se.smrtí-flatliners-2017.1080p.DTS.EN.AC3.5.1.CZ.mkv
2018-01-21 15:53 - 2018-01-21 16:06 - 1317470208 _____ C:\Users\david\Downloads\Vymítání Molly Hartleyové 2015 Cz dab..avi
2018-01-21 15:50 - 2018-01-22 22:02 - 000000000 ____D C:\Users\david\Downloads\Thor.Ragnarok.2017.1080p.WEB-DL.DD5.1.H264-FGT
2018-01-17 07:29 - 2018-01-17 07:29 - 000088371 _____ C:\Users\david\Downloads\Spizoo.17.09.18.Arya.Fae.Blake.Morgan.And.Saya.Song.Arya.Fae.Is.Your.Stripper.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-17 07:24 - 2018-01-17 07:22 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-01-17 07:14 - 2018-01-17 07:14 - 000095730 _____ C:\Users\david\Downloads\HotAndMean.18.01.17.Luna.Lain.And.Raven.Hart.Good.Taste.XXX.1080p.MP4-KTR-[rarbg.to].torrent
2018-01-17 06:54 - 2018-01-17 06:54 - 000000000 ____D C:\Users\david\AppData\LocalLow\Oracle
2018-01-14 18:22 - 2018-01-14 18:22 - 000112245 _____ C:\Users\david\Downloads\HotAndMean.18.01.09.Ariella.Ferrera.And.Reagan.Foxx.Harder.Faster.MILFier.XXX.1080p.MP4-KTR-[rarbg.to].torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 17:59 - 2017-12-28 12:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-11 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-11 15:28 - 2016-12-01 03:29 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-11 15:26 - 2017-06-29 15:55 - 000000000 ___RD C:\Users\david\OneDrive
2018-02-11 14:41 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-11 14:08 - 2017-10-29 13:20 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-11 14:06 - 2017-12-28 12:51 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
2018-02-11 14:05 - 2017-12-28 12:27 - 000000000 ____D C:\Users\david
2018-02-11 14:05 - 2017-06-29 15:50 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles
2018-02-11 14:03 - 2017-12-28 12:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-11 12:58 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-11 11:49 - 2017-06-29 15:52 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA Corporation
2018-02-10 23:20 - 2017-06-29 18:37 - 000000000 ____D C:\Users\david\AppData\Local\CrashDumps
2018-02-10 23:18 - 2017-12-28 12:45 - 001927310 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 23:18 - 2017-09-30 15:31 - 000830072 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-10 23:18 - 2017-09-30 15:31 - 000173820 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-10 23:16 - 2017-07-09 21:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-10 23:14 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-10 23:14 - 2017-07-09 21:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-10 23:14 - 2017-07-03 18:18 - 000000000 ____D C:\Users\david\AppData\Roaming\NVIDIA
2018-02-10 23:14 - 2016-12-01 03:29 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-10 23:04 - 2017-06-29 15:51 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA
2018-02-10 22:56 - 2017-07-02 08:49 - 000000000 ____D C:\Program Files\Java
2018-02-10 22:56 - 2017-07-02 08:48 - 000000000 ____D C:\ProgramData\Oracle
2018-02-10 22:56 - 2017-07-02 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-10 22:55 - 2017-07-02 08:48 - 000000000 ____D C:\Program Files (x86)\Java
2018-02-10 22:54 - 2017-07-02 08:48 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-02-10 22:42 - 2017-08-06 13:45 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2018-02-10 21:57 - 2017-07-01 14:25 - 000000000 ____D C:\Games
2018-02-10 21:38 - 2017-06-29 19:02 - 000000000 ____D C:\Users\david\AppData\Roaming\uTorrent
2018-02-10 16:52 - 2018-01-07 21:03 - 000005264 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LAPTOP-NKMN7808-david LAPTOP-NKMN7808
2018-02-10 15:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-10 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-10 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-09 15:28 - 2017-12-28 12:51 - 000004666 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-09 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-09 15:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-09 15:28 - 2017-06-29 18:07 - 000000000 ____D C:\Program Files\Opera
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 17:49 - 2017-07-01 14:30 - 000000000 ____D C:\Users\david\AppData\Roaming\vlc
2018-02-04 22:30 - 2017-06-29 19:02 - 000000999 _____ C:\Users\david\Desktop\µTorrent.lnk
2018-02-04 10:53 - 2017-12-28 12:28 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2018-02-03 11:39 - 2017-11-14 09:55 - 000000000 ____D C:\Users\david\Desktop\Nová složka (2)
2018-01-28 00:15 - 2017-12-29 21:32 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2018-01-27 15:11 - 2017-12-28 12:51 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2059283851-2947840002-3319665459-1001
2018-01-27 15:11 - 2017-06-29 15:55 - 000002395 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-26 00:32 - 2017-12-28 12:51 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1498756043
2018-01-25 21:12 - 2017-06-29 20:05 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 01:23 - 2017-06-29 18:37 - 000187704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-01-24 01:23 - 2017-06-29 18:37 - 000152976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-01-24 01:23 - 2017-06-29 15:40 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-24 01:23 - 2017-01-17 04:50 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-24 01:23 - 2017-01-17 00:37 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-23 23:57 - 2017-07-09 21:17 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57 - 2017-07-09 21:17 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-22 06:46 - 2017-07-09 21:17 - 007947791 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-13 22:54 - 2017-06-29 16:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-13 22:44 - 2017-10-10 19:44 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-13 22:44 - 2017-06-29 16:49 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-10 16:50
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:258.84 GB) NTFS
Drive d: (FS17PE) (CDROM) (Total:6.54 GB) (Free:0 GB) UDF
\\?\Volume{fb8b54ae-6c2e-401e-ae5e-9978ab06641a}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{6bc73e67-53e6-4c91-b80a-60f732357fbc}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
Available physical RAM: 5285.26 MB
Total physical RAM: 8060.22 MB
Percentage of memory in use: 34%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 46B6C0FA)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\david\Desktop" je 16431 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
- Attachments
- Addition.rar
- (11.95 KiB) Downloaded 92 times
- Rudy
- Site Admin
- Posts: 119429
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: 100% disk usage - antimalware service executable
Open Notepad and copy the following into it:
From the log:
Start
CloseProcesses:
C:\Program Files\KMSpico
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\MountPoints2: {6b8a8a14-b76d-11e6-9d9a-806e6f6e6963} - "D:\autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => -> No File
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {1248A2CF-28FE-4DA6-B66A-B0CDB26F2AAF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
From the log:
Velikost slozky "C:\Users\david\Desktop" je 16431 MB.
That is too much and may be slowing down system startup. Create a new folder in C:\Users\david and move all the data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus may damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: 100% disk usage - antimalware service executable
The laptop itself runs more or less fine, it's just that Antimalware Service Executable keeps running and eats the disk at 100%, even after the fix we just tried together.
Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2018 02
Ran by david (11-02-2018 20:09:16) Run:1
Running from C:\Users\david\Desktop
Loaded Profiles: david (Available Profiles: david)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
C:\Program Files\KMSpico
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\...\MountPoints2: {6b8a8a14-b76d-11e6-9d9a-806e6f6e6963} - "D:\autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => -> No File
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {1248A2CF-28FE-4DA6-B66A-B0CDB26F2AAF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Program Files\KMSpico => moved successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key could not remove, key could be protected
"HKU\S-1-5-21-2059283851-2947840002-3319665459-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b8a8a14-b76d-11e6-9d9a-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{6b8a8a14-b76d-11e6-9d9a-806e6f6e6963} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ ACloudSynced" => removed successfully
HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ ACloudSyncing" => removed successfully
HKLM\Software\Classes\CLSID\{C1E1456F-C2D8-4C96-870D-35F1E13941EE} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ ACloudToBeSynced" => removed successfully
HKLM\Software\Classes\CLSID\{307523FA-DDC0-4068-983F-2A6B34627744} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1248A2CF-28FE-4DA6-B66A-B0CDB26F2AAF} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1248A2CF-28FE-4DA6-B66A-B0CDB26F2AAF} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove key. ErrorCode1: 0x00000001
=========== EmptyTemp: ==========
BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43595363 B
Java, Flash, Steam htmlcache => 18413887 B
Windows/system/drivers => 50755481 B
Edge => 976696 B
Chrome => 0 B
Firefox => 0 B
Opera => 252117336 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 101186 B
NetworkService => 129843122 B
david => 50588937 B
RecycleBin => 30700456975 B
EmptyTemp: => 29.1 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 11-02-2018 20:13:25)
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key could not remove, key could be protected
==== End of Fixlog 20:13:25 ====

- Rudy
- Site Admin
Re: 100% disk usage - antimalware service executable
Don't you have a scan scheduled with the MSSE antivirus? If so, turn it off.
Re: 100% disk usage - antimalware service executable
I looked in Task Scheduler and there is nothing scheduled there that relates to Defender.
- Rudy
- Site Admin
Re: 100% disk usage - antimalware service executable
OK. Try one of these options: https://translate.google.cz/translate?h ... rev=search .