PC sa vypina, prehrieva

[puma27]

Dobry den, toto forum mi odporucil moj syn s tym, ze vy dokazete najst v probleme podstatu a aj pomoct k jeho vyrieseniu.
Mojim problemom je to, ze sa mi notebook zacal strasne prehrievat, je horuci (tak ako aj adapter, no prehrieva sa aj bez neho), a mimovolne sa vypina, pravdepobodne v dosledku prehrievania, co mi Windows potom dava na vedomie upozornenim.
Nedavno mi bol moj povodny Windows 8.1 aktualizovany na Windows 10, neviem, ci by toto mohlo nejakym sposobom zatazovat moj notebook.

Tu prikladam log z RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Renka at 2016-06-30 15:11:23
Microsoft Windows 10 Home
System drive C: has 1357 GB (96%) free of 1407 GB
Total RAM: 7365 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:11:29, on 30/06/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Renka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Renka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT14/2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT14/2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Renka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem8.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe
O23 - Service: McAfee Boot Delay Start Service (mcbootdelaystartsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13611 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel

"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
dashost.exe {af573ee0-993d-4996-9853425be7303299}
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPSP
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
/QuitInfo:0000000000000DF0;0000000000000C8C;
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
/loadhooks /Parent:000000000000283c
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Renka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe"
"C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe"
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" /byrunkey
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=51.0.2704.103 --handshake-handle=0x1bc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DefaultBrowserInfobar/Default/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/SuggestFeatureAblation_Control_R1/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_43/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=C261D3851A4DC088603DB97CDBCBE783 --lang=en-US --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="10540.1.690238862\1485536854" --mojo-platform-channel-handle=2432 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DefaultBrowserInfobar/Default/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/SuggestFeatureAblation_Control_R1/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_43/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=10A41D450627504BD41EF2987DAC54E3 --lang=en-US --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --channel="10540.6.1982997724\597814563" --mojo-platform-channel-handle=2800 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DefaultBrowserInfobar/Default/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/SuggestFeatureAblation_Control_R1/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PreRead/Default/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_43/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --type=gpu-process --channel="10540.14.1174430851\1919088360" --disable-d3d11 --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\Renka\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=4,10,13,25,54 --gpu-vendor-id=0x1002 --gpu-device-id=0x990f --gpu-driver-vendor=Microsoft --gpu-driver-version=10.0.10586.0 --mojo-platform-channel-handle=5224 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DefaultBrowserInfobar/Default/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/SuggestFeatureAblation_Control_R1/*OutOfProcessPac/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PreRead/Default/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_43/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=E6355271667BE7513674885F5A641C08 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --channel="10540.17.381351298\1462163537" --mojo-platform-channel-handle=5956 /prefetch:1

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe48_ Global\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 628 632 640 8192 636
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey B25D0FE0-D533-9FA0-13C1-D0513867E3A5 -Reinvoke
"C:\Users\Renka\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForRenka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForRenka (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25 2111616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04 585568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25 1637504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-03-10 7546072]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-06-04 2818800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-05-17 53123712]
"OneDrive"=C:\Users\Renka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-15 554184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-04-25 537992]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2014-06-06 506680]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2014-05-23 1852264]
"WD Drive Unlocker"=C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2014-05-23 1694048]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2014-07-22 5562736]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-30 15:11:23 ----D---- C:\rsit
2016-06-30 15:11:23 ----D---- C:\Program Files\trend micro
2016-06-19 13:48:39 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-06-16 19:18:28 ----D---- C:\WINDOWS\system32\SleepStudy
2016-06-15 23:12:00 ----SHD---- C:\Recovery
2016-06-15 23:11:52 ----DC---- C:\WINDOWS\Panther
2016-06-15 23:06:37 ----D---- C:\Windows.old
2016-06-15 23:03:42 ----D---- C:\Program Files\Reference Assemblies
2016-06-15 23:03:42 ----D---- C:\Program Files\MSBuild
2016-06-15 23:03:42 ----D---- C:\Program Files (x86)\Reference Assemblies
2016-06-15 23:03:42 ----D---- C:\Program Files (x86)\MSBuild
2016-06-15 23:03:42 ----D---- C:\inetpub
2016-06-15 23:02:52 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2016-06-15 23:02:52 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2016-06-15 23:02:52 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-06-15 23:02:48 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2016-06-15 23:02:48 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-06-15 23:02:48 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-06-15 22:31:39 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2016-06-15 22:17:48 ----SD---- C:\Users\Renka\AppData\Roaming\Microsoft
2016-06-15 22:17:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-15 22:17:06 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2016-06-15 22:14:30 ----D---- C:\WINDOWS\system32\SRSLabs
2016-06-15 22:14:26 ----D---- C:\Program Files\Realtek
2016-06-15 22:14:25 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2016-06-15 22:13:59 ----D---- C:\Program Files\Synaptics
2016-06-15 22:13:30 ----D---- C:\WINDOWS\Prefetch
2016-06-15 21:20:54 ----HD---- C:\$WINDOWS.~BT
2016-06-15 21:16:20 ----D---- C:\ESD
2016-06-15 20:58:29 ----HD---- C:\$Windows.~WS

======List of files/folders modified in the last 1 month======

2016-06-30 15:11:23 ----RD---- C:\Program Files
2016-06-30 15:11:04 ----D---- C:\Users\Renka\AppData\Roaming\Skype
2016-06-30 14:57:31 ----D---- C:\WINDOWS\Temp
2016-06-30 14:37:20 ----D---- C:\WINDOWS\system32\sru
2016-06-28 19:43:42 ----D---- C:\WINDOWS\Microsoft.NET
2016-06-27 16:06:16 ----D---- C:\WINDOWS\System32
2016-06-27 16:06:16 ----D---- C:\WINDOWS\INF
2016-06-27 16:01:37 ----D---- C:\WINDOWS\SysWOW64
2016-06-27 06:08:07 ----D---- C:\WINDOWS\system32\Tasks
2016-06-27 06:08:06 ----D---- C:\WINDOWS\Tasks
2016-06-25 18:25:49 ----D---- C:\WINDOWS\LiveKernelReports
2016-06-25 11:41:32 ----D---- C:\WINDOWS\system32\config
2016-06-25 10:37:13 ----D---- C:\WINDOWS\system32\drivers
2016-06-24 20:23:23 ----D---- C:\WINDOWS\WinSxS
2016-06-23 06:12:12 ----D---- C:\WINDOWS\CbsTemp
2016-06-17 21:27:04 ----D---- C:\WINDOWS\Logs
2016-06-17 20:58:48 ----RSD---- C:\WINDOWS\assembly
2016-06-16 22:22:50 ----D---- C:\WINDOWS\AppReadiness
2016-06-16 20:52:09 ----HD---- C:\Program Files\WindowsApps
2016-06-16 06:04:46 ----D---- C:\WINDOWS\system32\LogFiles
2016-06-16 06:04:12 ----D---- C:\WINDOWS\appcompat
2016-06-16 06:02:48 ----D---- C:\WINDOWS\system32\WDI
2016-06-15 23:05:40 ----SD---- C:\WINDOWS\system32\Microsoft
2016-06-15 23:04:31 ----D---- C:\WINDOWS\system32\DriverStore
2016-06-15 23:03:43 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-06-15 23:03:43 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2016-06-15 23:03:43 ----D---- C:\WINDOWS\system32\inetsrv
2016-06-15 23:03:35 ----A---- C:\WINDOWS\system32\wamregps.dll
2016-06-15 23:03:35 ----A---- C:\WINDOWS\system32\iisRtl.dll
2016-06-15 23:03:35 ----A---- C:\WINDOWS\system32\iisrstap.dll
2016-06-15 23:03:35 ----A---- C:\WINDOWS\system32\iisreset.exe
2016-06-15 23:03:35 ----A---- C:\WINDOWS\system32\ahadmin.dll
2016-06-15 23:03:35 ----A---- C:\WINDOWS\system32\admwprox.dll
2016-06-15 23:03:33 ----A---- C:\WINDOWS\SYSWOW64\wamregps.dll
2016-06-15 23:03:33 ----A---- C:\WINDOWS\SYSWOW64\iisRtl.dll
2016-06-15 23:03:33 ----A---- C:\WINDOWS\SYSWOW64\iisrstap.dll
2016-06-15 23:03:33 ----A---- C:\WINDOWS\SYSWOW64\iisreset.exe
2016-06-15 23:03:33 ----A---- C:\WINDOWS\SYSWOW64\ahadmin.dll
2016-06-15 23:03:33 ----A---- C:\WINDOWS\SYSWOW64\admwprox.dll
2016-06-15 22:50:02 ----SHD---- C:\System Volume Information
2016-06-15 22:49:33 ----SD---- C:\ProgramData\Microsoft
2016-06-15 22:41:01 ----D---- C:\WINDOWS\rescache
2016-06-15 22:39:23 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-06-15 22:39:11 ----D---- C:\WINDOWS\debug
2016-06-15 22:39:07 ----D---- C:\WINDOWS\SoftwareDistribution
2016-06-15 22:36:11 ----D---- C:\WINDOWS\Registration
2016-06-15 22:30:52 ----D---- C:\WINDOWS\system32\drivers\etc
2016-06-15 22:25:10 ----D---- C:\WINDOWS\system32\NDF
2016-06-15 22:25:10 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-06-15 22:25:08 ----RSD---- C:\WINDOWS\Fonts
2016-06-15 22:25:08 ----HD---- C:\WINDOWS\Installer
2016-06-15 22:25:08 ----D---- C:\Windows
2016-06-15 22:25:07 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-06-15 22:25:07 ----AD---- C:\Program Files (x86)\ATI Technologies
2016-06-15 22:21:37 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2016-06-15 22:21:37 ----D---- C:\WINDOWS\SYSWOW64\zh-HK
2016-06-15 22:21:37 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\sda
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2016-06-15 22:21:36 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2016-06-15 22:21:35 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2016-06-15 22:21:35 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2016-06-15 22:21:34 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-06-15 22:21:33 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2016-06-15 22:21:33 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-06-15 22:21:33 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2016-06-15 22:21:33 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2016-06-15 22:21:33 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-06-15 22:21:33 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2016-06-15 22:21:33 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2016-06-15 22:21:33 ----AD---- C:\WINDOWS\SYSWOW64\Adobe
2016-06-15 22:21:30 ----D---- C:\WINDOWS\system32\zh-TW
2016-06-15 22:21:29 ----D---- C:\WINDOWS\system32\zh-HK
2016-06-15 22:21:29 ----D---- C:\WINDOWS\system32\zh-CN
2016-06-15 22:21:28 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-06-15 22:21:28 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-06-15 22:21:28 ----D---- C:\WINDOWS\system32\uk-UA
2016-06-15 22:21:28 ----D---- C:\WINDOWS\system32\tr-TR
2016-06-15 22:21:28 ----D---- C:\WINDOWS\system32\th-TH
2016-06-15 22:21:28 ----D---- C:\WINDOWS\system32\sv-SE
2016-06-15 22:21:28 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\sl-SI
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\slmgr
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\sk-SK
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\ru-RU
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\ro-RO
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\pt-PT
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\pt-BR
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\pl-PL
2016-06-15 22:21:26 ----D---- C:\WINDOWS\system32\oobe
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\nl-NL
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\nb-NO
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\migration
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\lv-LV
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\lt-LT
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\ko-KR
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\ja-JP
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\it-IT
2016-06-15 22:21:24 ----D---- C:\WINDOWS\system32\InputMethod
2016-06-15 22:21:23 ----D---- C:\WINDOWS\system32\hu-HU
2016-06-15 22:21:23 ----D---- C:\WINDOWS\system32\hr-HR
2016-06-15 22:21:23 ----D---- C:\WINDOWS\system32\he-IL
2016-06-15 22:21:23 ----D---- C:\WINDOWS\system32\fr-FR
2016-06-15 22:21:23 ----D---- C:\WINDOWS\system32\fi-FI
2016-06-15 22:21:23 ----D---- C:\WINDOWS\system32\et-EE
2016-06-15 22:21:23 ----D---- C:\WINDOWS\system32\es-ES
2016-06-15 22:21:23 ----D---- C:\WINDOWS\system32\en-US
2016-06-15 22:21:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-06-15 22:21:22 ----D---- C:\WINDOWS\system32\el-GR
2016-06-15 22:21:21 ----D---- C:\WINDOWS\system32\de-DE
2016-06-15 22:21:21 ----D---- C:\WINDOWS\system32\da-DK
2016-06-15 22:21:21 ----D---- C:\WINDOWS\system32\cs-CZ
2016-06-15 22:20:22 ----D---- C:\WINDOWS\system32\bg-BG
2016-06-15 22:20:22 ----D---- C:\WINDOWS\system32\ar-SA
2016-06-15 22:20:18 ----D---- C:\WINDOWS\MediaViewer
2016-06-15 22:20:12 ----D---- C:\WINDOWS\InputMethod
2016-06-15 22:20:08 ----HD---- C:\WINDOWS\ELAMBKUP
2016-06-15 22:20:08 ----D---- C:\WINDOWS\ADFS
2016-06-15 22:20:06 ----RD---- C:\Users
2016-06-15 22:20:06 ----HD---- C:\ProgramData
2016-06-15 22:20:01 ----RD---- C:\Program Files (x86)
2016-06-15 22:20:01 ----D---- C:\Program Files (x86)\Windows Mail
2016-06-15 22:20:00 ----AD---- C:\Program Files (x86)\Hewlett-Packard
2016-06-15 22:19:59 ----D---- C:\Program Files (x86)\Common Files
2016-06-15 22:19:58 ----D---- C:\Program Files (x86)\AMD AVT
2016-06-15 22:19:57 ----D---- C:\Program Files\Windows Mail
2016-06-15 22:19:57 ----D---- C:\Program Files\Common Files\microsoft shared
2016-06-15 22:19:57 ----D---- C:\Program Files\Common Files
2016-06-15 22:19:56 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-06-15 22:19:56 ----D---- C:\Program Files\AMD
2016-06-15 22:19:37 ----D---- C:\WINDOWS\system32\Recovery
2016-06-15 22:16:41 ----D---- C:\WINDOWS\system32\Sysprep
2016-06-15 22:13:50 ----D---- C:\WINDOWS\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem8.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2013-07-23 30520]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-11-04 59648]
R2 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2014-06-20 181704]
R2 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2014-06-20 313544]
R2 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2014-06-20 786296]
R2 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2014-06-20 348552]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 Accelerometer;@oem8.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2013-07-23 43320]
R3 AtiHDAudioService;@oem13.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-12-20 222720]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2016-04-27 84992]
R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2014-06-20 72128]
R3 clwvd;@oem2.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\WINDOWS\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-12 3891800]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2014-06-20 523792]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2014-08-20 445512]
R3 RSP2STOR;@oem12.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem5.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-12-18 839896]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2015-10-30 3445248]
R3 SmbDrv;SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [2014-06-04 30448]
R3 SynTP;@oem6.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-06-04 546032]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2014-06-20 70600]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2015-10-30 165376]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-04-27 112640]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-04-27 245760]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2016-04-27 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-04-27 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2014-08-20 96592]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-04-27 176640]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2014-06-04 31472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-06 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-05 88064]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-05-25 1364096]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-05-25 1687680]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2014-01-13 92160]
R2 hpsrv;@oem8.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2013-07-23 43320]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-04-26 28552]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2014-06-06 475960]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2014-04-25 178528]
R2 mcbootdelaystartsvc;McAfee Boot Delay Start Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-08-20 1041192]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-06-20 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-06-20 189912]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 OneSyncSvc_28db4ea;Sync Host_28db4ea; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2014-06-04 191728]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-05-19 1129760]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_28db4ea;Contact Data_28db4ea; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_436ca;Sync Host_436ca; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4ea4d;Sync Host_4ea4d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_501f1;Sync Host_501f1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_b7ad2;Sync Host_b7ad2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_dadcec4;Sync Host_dadcec4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 McAWFwk;McAfee Activation Service; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [2013-07-29 334608]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [2016-03-11 293128]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2014-10-08 603424]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_28db4ea;MessagingService_28db4ea; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_436ca;MessagingService_436ca; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4ea4d;MessagingService_4ea4d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_501f1;MessagingService_501f1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_b7ad2;MessagingService_b7ad2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_dadcec4;MessagingService_dadcec4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_436ca;Contact Data_436ca; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4ea4d;Contact Data_4ea4d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_501f1;Contact Data_501f1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_b7ad2;Contact Data_b7ad2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_dadcec4;Contact Data_dadcec4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2013-07-30 328928]

-----------------EOF-----------------

[Rudy]

Zdravím!
Zkusíme to vyčistit, problém ale může způsobovat ucpaný chladič, nebo chladicí kanál prachem, příp. nevhodné položení NB na měkký podklad, který ucpe nasávací otvor. Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[puma27]

Akym sposobom sa to da riesit v pripade upchatia? Notebook je horuci uz po chvili pouzivania

# AdwCleaner v5.201 - Logfile created 30/06/2016 at 21:44:14
# Updated 30/06/2016 by ToolsLib
# Database : 2016-06-30.2 [Server]
# Operating system : Windows 10 Home (X64)
# Username : Renka - RENATKA
# Running from : C:\Users\Renka\Desktop\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1100 bytes] - [30/06/2016 21:44:14]
C:\AdwCleaner\AdwCleaner[S1].txt - [1144 bytes] - [30/06/2016 21:41:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1246 bytes] ##########

[Rudy]

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[puma27]

Nevedela som stiahnut FRST Launcher - neviem vypnut firewall, akoby to nefungovalo
Tak som urobila log bez neho spustenim FRST (dufam, ze to nie je velka chyba)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Renka (administrator) on RENATKA (08-07-2016 22:01:56)
Running from C:\Users\Renka\Desktop
Loaded Profiles: Renka (Available Profiles: Renka)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-06-04] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [506680 2014-06-06] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-3610466750-4172107846-2339034740-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{1c4bf1cb-c2a4-4c53-bdfa-7d8f1caf4c1d}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{5dbdfcab-70f0-4f67-ae26-036c8ced1e0a}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/2
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/2
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/2
HKU\S-1-5-21-3610466750-4172107846-2339034740-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/2
HKU\S-1-5-21-3610466750-4172107846-2339034740-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/2
SearchScopes: HKLM-x32 -> {1E0026ED-4253-4C9C-8649-44EC22FCBD56} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3610466750-4172107846-2339034740-1002 -> {1E0026ED-4253-4C9C-8649-44EC22FCBD56} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-04-25] (McAfee, Inc.)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-01-18] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-06]
CHR Extension: (Skype) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Renka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-06] (Hewlett-Packard Development Company, L.P.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe [293128 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-04] (Synaptics Incorporated)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-06-04] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-06-04] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-08 22:01 - 2016-07-08 22:02 - 00020219 _____ C:\Users\Renka\Desktop\FRST.txt
2016-07-08 22:01 - 2016-07-08 22:01 - 00000000 ____D C:\FRST
2016-07-02 17:41 - 2016-07-02 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-07-02 14:03 - 2016-07-08 22:01 - 02390016 _____ (Farbar) C:\Users\Renka\Desktop\FRST64.exe
2016-06-30 21:41 - 2016-06-30 21:44 - 00000000 ____D C:\AdwCleaner
2016-06-30 21:40 - 2016-06-30 21:40 - 03712064 _____ C:\Users\Renka\Desktop\adwcleaner_5.201.exe
2016-06-30 15:11 - 2016-06-30 15:11 - 00000000 ____D C:\rsit
2016-06-30 15:11 - 2016-06-30 15:11 - 00000000 ____D C:\Program Files\trend micro
2016-06-30 15:09 - 2016-06-30 15:11 - 01222144 _____ C:\Users\Renka\Desktop\RSITx64.exe
2016-06-20 18:05 - 2016-06-20 18:05 - 00000000 ____D C:\Users\Renka\AppData\Local\MicrosoftEdge
2016-06-19 13:48 - 2016-06-15 21:40 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-16 19:18 - 2016-06-16 19:18 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-06-15 23:11 - 2016-06-15 22:49 - 00000000 ___DC C:\WINDOWS\Panther
2016-06-15 23:06 - 2016-06-15 23:06 - 00000000 ____D C:\Windows.old
2016-06-15 23:05 - 2016-06-15 23:05 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-06-15 23:03 - 2016-06-15 23:03 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-06-15 23:03 - 2016-06-15 23:03 - 00000000 ____D C:\Program Files\MSBuild
2016-06-15 23:03 - 2016-06-15 23:03 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-06-15 23:03 - 2016-06-15 23:03 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-06-15 23:03 - 2016-06-15 23:03 - 00000000 ____D C:\inetpub
2016-06-15 23:02 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-06-15 23:02 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-06-15 23:02 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-06-15 23:02 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-06-15 23:02 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-06-15 23:02 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-06-15 22:53 - 2016-06-15 22:54 - 00002412 _____ C:\Users\Renka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-06-15 22:53 - 2016-06-15 22:54 - 00000000 ___RD C:\Users\Renka\OneDrive
2016-06-15 22:51 - 2016-06-15 22:51 - 00000000 ____D C:\Users\Renka\AppData\Local\ActiveSync
2016-06-15 22:50 - 2016-06-15 22:50 - 00000000 ____D C:\Users\Renka\AppData\Local\Publishers
2016-06-15 22:49 - 2016-06-15 22:50 - 00000000 ____D C:\Users\Renka\AppData\Local\Comms
2016-06-15 22:49 - 2016-06-15 22:49 - 00000020 ___SH C:\Users\Renka\ntuser.ini
2016-06-15 22:49 - 2016-06-15 22:49 - 00000000 ____D C:\Users\Renka\AppData\Local\TileDataLayer
2016-06-15 22:31 - 2016-06-15 22:31 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-06-15 22:23 - 2016-06-15 22:23 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-15 22:23 - 2016-06-15 22:23 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2016-06-15 22:23 - 2016-06-15 22:23 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata
2016-06-15 22:23 - 2016-06-15 22:23 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2016-06-15 22:23 - 2016-06-15 22:23 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata
2016-06-15 22:19 - 2016-06-15 22:19 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-06-15 22:17 - 2016-07-04 07:30 - 00000000 ____D C:\Users\Renka
2016-06-15 22:17 - 2016-07-02 17:46 - 00972168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-15 22:17 - 2016-06-15 22:17 - 00929278 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-06-15 22:14 - 2016-06-15 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-06-15 22:14 - 2016-06-15 22:14 - 00005680 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-06-15 22:14 - 2016-06-15 22:14 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-06-15 22:14 - 2016-06-15 22:14 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2016-06-15 22:14 - 2016-06-15 22:14 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-06-15 22:14 - 2016-06-15 22:14 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-06-15 22:14 - 2016-06-15 22:14 - 00000000 ____D C:\Program Files\Realtek
2016-06-15 22:13 - 2016-06-15 22:13 - 00000000 ____D C:\Program Files\Synaptics
2016-06-15 21:20 - 2016-06-15 22:38 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-06-15 21:20 - 2016-06-15 22:38 - 00009528 _____ C:\WINDOWS\diagerr.xml
2016-06-15 21:20 - 2016-06-15 21:49 - 00000000 ___HD C:\$WINDOWS.~BT
2016-06-15 21:16 - 2016-06-15 21:16 - 00000000 ____D C:\ESD
2016-06-15 20:58 - 2016-06-15 20:58 - 00000000 ___HD C:\$Windows.~WS
2016-06-15 20:57 - 2016-06-15 20:58 - 18447464 _____ (Microsoft Corporation) C:\Users\Renka\Downloads\MediaCreationTool.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-08 22:01 - 2015-01-17 20:19 - 00000000 ____D C:\Users\Renka\AppData\Roaming\Skype
2016-07-08 21:58 - 2015-01-17 19:51 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-08 21:50 - 2014-07-11 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-07-08 21:44 - 2015-01-17 19:50 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9E64B784-B97C-4B2B-9C04-4821AB95664A}
2016-07-08 21:42 - 2015-01-17 19:47 - 00000000 ____D C:\Users\Renka\Documents\Youcam
2016-07-06 03:41 - 2015-01-20 05:39 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2016-07-06 03:40 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-06 03:39 - 2016-04-27 06:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-06 03:39 - 2016-04-03 10:48 - 00000348 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRenka.job
2016-07-04 18:43 - 2016-04-03 10:48 - 00003240 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForRenka
2016-07-02 17:46 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-02 17:41 - 2016-02-28 09:26 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-07-02 17:41 - 2016-02-27 21:23 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-06-30 21:44 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-25 18:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-06-25 11:19 - 2015-01-31 19:32 - 00000000 ____D C:\Users\Renka\AppData\Local\ElevatedDiagnostics
2016-06-23 06:12 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-18 09:03 - 2015-01-17 19:52 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 22:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-16 20:52 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-16 06:14 - 2015-01-17 19:45 - 00000000 ____D C:\Users\Renka\AppData\Local\Packages
2016-06-16 06:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-06-15 23:11 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-06-15 23:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-06-15 23:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-06-15 23:03 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-06-15 23:03 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-06-15 23:03 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-06-15 23:03 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-06-15 23:03 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-06-15 23:03 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-06-15 23:03 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-06-15 23:03 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-06-15 23:03 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-06-15 23:03 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-06-15 23:03 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-06-15 23:03 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-06-15 22:49 - 2016-04-27 06:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-15 22:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-15 22:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-06-15 22:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2016-06-15 22:31 - 2016-02-22 12:57 - 00002764 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-06-15 22:31 - 2015-01-17 19:51 - 00003290 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-15 22:31 - 2015-01-17 19:51 - 00003062 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-15 22:31 - 2015-01-17 19:50 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3610466750-4172107846-2339034740-1002
2016-06-15 22:31 - 2014-10-28 17:30 - 00002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3610466750-4172107846-2339034740-500
2016-06-15 22:31 - 2014-10-28 15:54 - 00002346 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2016-06-15 22:30 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-15 22:25 - 2016-04-26 22:30 - 00222264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-15 22:25 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-15 22:25 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-15 22:25 - 2014-10-28 15:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-15 22:25 - 2014-10-28 15:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2016-06-15 22:25 - 2014-10-28 15:35 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-06-15 22:25 - 2014-07-11 01:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-06-15 22:25 - 2014-07-11 01:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-06-15 22:23 - 2013-08-22 14:36 - 00000000 ____D C:\Users\Default.migrated
2016-06-15 22:21 - 2016-04-27 06:09 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-06-15 22:21 - 2016-04-27 06:09 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-06-15 22:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-06-15 22:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-06-15 22:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-06-15 22:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-06-15 22:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-06-15 22:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-06-15 22:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-06-15 22:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-06-15 22:21 - 2014-10-28 15:39 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-06-15 22:21 - 2014-07-11 01:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-06-15 22:21 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-06-15 22:21 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-06-15 22:20 - 2015-12-22 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-15 22:20 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-06-15 22:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-06-15 22:20 - 2015-01-17 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2016-06-15 22:20 - 2014-07-11 01:21 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-06-15 22:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-06-15 22:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-06-15 22:19 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-15 22:19 - 2014-10-28 15:36 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-06-15 22:19 - 2014-10-28 15:36 - 00000000 ____D C:\Program Files\AMD
2016-06-15 22:19 - 2014-10-28 15:36 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2016-06-15 22:16 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-06-15 21:55 - 2014-10-28 15:44 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

==================== Files in the root of some directories =======

2016-01-18 22:12 - 2016-01-18 22:12 - 0000000 _____ () C:\Users\Renka\AppData\Local\{DBEDEFE9-9BA1-4E7B-B94B-88A809D4EA47}

Some files in TEMP:
====================
C:\Users\Renka\AppData\Local\Temp\libeay32.dll
C:\Users\Renka\AppData\Local\Temp\msvcr120.dll
C:\Users\Renka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-01 19:57

==================== End of FRST.txt ============================

[puma27]

Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Renka (2016-07-08 22:03:21)
Running from C:\Users\Renka\Desktop
Windows 10 Home Version 1511 (X64) (2016-06-15 21:49:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3610466750-4172107846-2339034740-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3610466750-4172107846-2339034740-503 - Limited - Disabled)
Guest (S-1-5-21-3610466750-4172107846-2339034740-501 - Limited - Disabled)
Renka (S-1-5-21-3610466750-4172107846-2339034740-1002 - Administrator - Enabled) => C:\Users\Renka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{0B448829-3672-18EA-4117-C1240D4CF140}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5307 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.1.5307 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3018 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.1.3018 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4119 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{9D7BFF2A-F810-4E35-BE2C-A6CB4B9202DB}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.4.18.7 - HP)
HP System Event Utility (HKLM-x32\...\{2E88735F-0A9A-45B5-8B10-8330862343C5}) (Version: 1.1.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{E8F2076D-1885-4A0F-83D8-77B1F9D384CE}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.334.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.10 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.13 - Synaptics Incorporated)
WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{919ADA61-13BF-43C4-A2DD-8BA49A244FC8}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6BB4E4E8-17B9-4534-8A8E-89E53F12769C}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3610466750-4172107846-2339034740-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Renka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {24F855DF-6B73-42F9-BD36-24E8ED988ACA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {536E4467-2387-405C-B574-BAC11AEE2E8B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {5475D42E-A4E6-48D3-ACE9-BFD902766CA3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {769CBBD9-F2C0-4394-9146-2F9CC4D24906} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {816F7D87-04AA-4BA4-B821-F1475A877D47} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {A318EAC7-55B9-44ED-BB2D-4B8FD3CC692A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {AE51B8CD-718A-4AF7-B7AC-237907EEC328} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
Task: {AE51CB16-2A20-4A2B-B462-20CB01C41943} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {BFFF5D3A-C934-459D-AEEE-861AB56D1BF9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-12-18] (Hewlett-Packard)
Task: {C4463EC2-D03B-4684-B3EB-17D24B8E7118} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2014-01-13] (Hewlett-Packard Company)
Task: {E88393A2-3C16-42DF-8587-CD5467FBE541} - System32\Tasks\HPCeeScheduleForRenka => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRenka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-28 15:41 - 2014-03-05 19:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-04-06 23:38 - 2014-04-06 23:38 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-10-28 16:12 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-15 22:54 - 2016-06-15 22:54 - 00959168 _____ () C:\Users\Renka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-27 06:12 - 2016-04-27 06:12 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2016-04-27 06:24 - 2016-04-27 06:24 - 00044032 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-15 22:53 - 2016-06-15 22:53 - 00679624 _____ () C:\Users\Renka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-04-27 06:24 - 2016-04-27 06:24 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-27 06:24 - 2016-04-27 06:24 - 18818048 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-06-16 06:24 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Renka\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2016-06-16 06:24 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Renka\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-07-02 17:41 - 00000859 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3610466750-4172107846-2339034740-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Renka\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{5ea32568-4199-4578-be21-ed09f5575289}.JPG
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C67C5C35-610D-4749-8DE6-73F23D60AF08}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3E394204-4E43-4746-BDE5-DFA18B48C492}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8731A86D-7F44-4C8E-8261-ADE8172967C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7701728-7468-464F-B706-5E0B0F24B195}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{59B022E5-971D-45DB-AD21-0B4918939CAA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6C475CCC-1A88-4B74-A29E-3701D82427D8}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1F1D7471-686C-4686-8CA3-32390587A809}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{CD76FC96-A3E8-455E-909C-6A7E21D45058}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C0FD53FC-2976-4B71-A2E0-79AEC9AA6447}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{143E967A-C023-4668-9128-AB7D2C4931F8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6501445D-20D6-4E12-A5BF-89F531B411F1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{0A40C561-71CD-4F8C-8E7A-E216F7DACA30}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{1CC30BE2-549B-4ED5-8CD3-3077BF86F4D1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{A36042AD-BD60-402D-B11F-2D543A703FE0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{AD3154B7-8899-4D33-A4B1-BDEA4BBBCB0A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{809E9D89-BAFB-43D5-AED1-EBFA64E9FE35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{47D1106C-14F4-4830-8748-D18C32222466}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DD7F64C8-AEFD-416E-80C3-F393D97194A5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B90275A-7D0D-4931-88FB-CDDEAAA20871}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EB1ADD9B-7861-4F95-96D0-DCE051F7E4C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2E135E4C-8EF3-4FD1-BE4E-74532A6987C3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2016 05:56:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Renatka)
Description: Activation of application Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/06/2016 05:56:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7589938

Error: (07/06/2016 05:56:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7589938

Error: (07/06/2016 05:56:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/06/2016 05:56:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7587031

Error: (07/06/2016 05:56:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7587031

Error: (07/06/2016 05:56:04 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/06/2016 05:55:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7580344

Error: (07/06/2016 05:55:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7580344

Error: (07/06/2016 05:55:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/08/2016 09:43:54 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (07/08/2016 07:36:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_1a6c31d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/08/2016 07:36:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_1a6c31d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/08/2016 07:36:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_1a6c31d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/08/2016 07:36:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_1a6c31d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/08/2016 07:36:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/08/2016 06:16:15 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (07/07/2016 07:21:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_a6ac47 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/07/2016 07:21:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_a6ac47 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (07/07/2016 07:21:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_a6ac47 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.


CodeIntegrity:
===================================
Date: 2016-06-23 06:13:32.720
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-15 22:31:48.395
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-15 22:29:10.048
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-06-15 22:13:47.949
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 31%
Total physical RAM: 7364.91 MB
Available physical RAM: 5025.55 MB
Total Virtual: 8516.91 MB
Available Virtual: 6167.01 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1373.83 GB) (Free:1324.69 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.63 GB) (Free:2.43 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 4A1D15F0)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe (McAfee, Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Renka\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[puma27]

Bola som s notebookom v servise a pan predavac mi povedal, ze za kontrolu pc sa plati 15 libier, a aj tak zisti najpravdepodobnejsie to, ze to je chyba grafickej karty, ze ta sposobuje problem prehrievania pri HP notebookoch najcastejsie a v tom pripade musi vymenit celu dosku a to si mam radsej kupit novy notebook..
Notebook nie je taky stary, som teraz v obavach, ze to boli zbytocne vyhodene peniaze
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Renka (2016-07-15 07:40:40) Run:1
Running from C:\Users\Renka\Desktop
Loaded Profiles: Renka (Available Profiles: Renka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-07-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe (McAfee, Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Renka\AppData\Local\Temp
End
*****************

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.334\SSScheduler.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus => moved successfully
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => not found.
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\Renka\AppData\Local\Temp" folder move:

Could not move "C:\Users\Renka\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-07-15 07:43:00)

C:\Users\Renka\AppData\Local\Temp => moved successfully

==== End of Fixlog 07:43:12 ====



[Rudy]

Smazáno. Pravděpodobně se asi mnoho nezměnilo, podle toho co píšete. V případě, že je opravdu vadná grafike se deska skutečně musí vyměnit, neboť grafika je její fyzickou součástí. Nespadl vám někdy systém do modré smrti?

[puma27]

Myslim, ze nespadol, maximalne mavam upozornenia o vysokej teplote ked sa mi laptop vypne
Co odporucate? Asi je teda jedinou moznostou dat pc do opravy.. Nemoze byt problemom len zapraseny notebook?

[Rudy]

Jednou z možností, proč se NB přehžívá, může být zanesený chladič, či chladicí kanál prachem. K tomu, aby bylo možné zjistit příčinu, přehřívání, je třeba NB rozebrat. Pokud si na to netroufáte sám, musíte navštívit servis.