Notebook suddenly slowed down :(

#1 Post by krysarr »

I've only had the notebook for a year; it can't be so worn out already that it would be slowing down. :(

If you find any programs in the log that were installed by the manufacturer and start automatically even though they are useless, I'd be glad to get rid of them. I can't quite tell what is essential (function keys, sound, etc.) and what is bloat.
For example, I have several times had a problem with some HP Audio Control, which caused the volume to keep adjusting itself automatically during music playback, and there was no way to get rid of it. :(

When it slows down, the RAM is fully used - I have 8 GB, but the hardware (probably the graphics) takes 5 GB.
----------
Logfile of random's system information tool 1.10 (written by random/random)
Run by fbart at 2017-12-01 17:20:12
Microsoft Windows 10 Home
System drive C: has 57 GB (48%) free of 119 GB
Total RAM: 2960 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:20:17, on 01/12/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
D:\Software\Esmska-1.9-portable\esmska-1.9\jre\launch4j-tmp\esmska-portable.exe
C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXITREADER.EXE
C:\Program Files\trend micro\fbart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HRTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\HP\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [HPRadioMgr] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [O2CZ] "C:\Program Files (x86)\O2\O2CZ\EMMSN.exe" -systray
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\fbart\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: HP JumpStart Launch.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\WINDOWS\system32\IntelCpHDCPSvc.exe (file missing)
O23 - Service: CxMonSvc - Conexant Systems, Inc - C:\WINDOWS\CxSvc\CxMonSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\WINDOWS\CxSvc\CxUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DigitalPersona Authentication Service (DpHost) - Crossmatch, Inc. - c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe
O23 - Service: @oem37.inf,%fpCSEvtService_SvcDesc%;fpCSEvtSvc (fpCsEvtSvc) - Unknown owner - C:\WINDOWS\system32\fpCSEvtSvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP Hotkey Service - HP - C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett Packard Enterprise Company - c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - HP - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem97.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HP Touchpoint Analytics (HPTouchpointAnalyticsService) - HP Inc. - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem34.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LAN/WLAN Switching Service (LanWlanSwitchingService) - HP - C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Conexant UIU Service (UIUService) - Unknown owner - C:\WINDOWS\system32\UIUSrv.exe (file missing)
O23 - Service: @oem37.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14945 bytes

======Listing Processes======









C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0b3212e4-1692-4b43-be7e-c1e581ccbf4c -SystemEventPortName:HostProcess-67eb2c29-c946-4dba-9a75-8924f85cd4ae -IoCancelEventPortName:HostProcess-6ae17d31-964a-4c45-8be5-4f1243498f3e -NonStateChangingEventPortName:HostProcess-582cffa8-e468-4c75-8eb4-12d4a4c58f83 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9f9f83a8-dddf-4e5e-9397-167fce4c8889 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
dashost.exe {f986a813-9eda-427d-a1b75a540fec195f}
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\WLANExt.exe 1749136422416
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\WINDOWS\System32\spoolsv.exe
"C:\WINDOWS\CxSvc\CxMonSvc.exe"
C:\WINDOWS\system32\IntelCpHDCPSvc.exe
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\WINDOWS\CxSvc\CxUtilSvc.exe"
"c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\fpCSEvtSvc.exe
C:\WINDOWS\system32\ibtsiva
"C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe"
"C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe" -service
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"

C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe"
C:\Windows\System32\MicTray64.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\WINDOWS\system32\igfxEM.exe"
"C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe" /sa3 /nv:3.0+ /uid:HP-NB-AIO /s /dne
"c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe" -m
"C:\Program Files (x86)\HP\Shared\hpqwmiex.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\HP\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe"
"C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Lingea\Lexicon5\Lexicon.exe"
"C:\totalcmd\TOTALCMD64.EXE"
C:\WINDOWS\splwow64.exe 8192
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
"c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE" "D:\ENGLISH\students\students files\CAE 2017\CAE Tue 2017.doc"
"C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen d:\ENGLISH\TOOLS\Reading and singing\jokes\2017-11-27 banana skin.jpg
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
"C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE" "D:\ENGLISH\students\TESTS\A-VINCE TESTS.xls"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "D:\Video\Fry and Larrie\video\A Bit of Fry and Laurie S01E02.avi"
"CnxtNotify.exe" /appid:"Audio Controls" /plug:"0" /language:"en-US" /caption:"Information" /message:"You just unplugged a device from the audio jack"
"C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE" "D:\ENGLISH\students\HFE TESTS.xls"
"C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE" "D:\ENGLISH\students\THE ONE RING.xls"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"D:\Software\Esmska-1.9-portable\esmska-1.9\jre\launch4j-tmp\esmska-portable.exe" -jar "D:\Software\Esmska-1.9-portable\esmska-1.9\esmska.jar" -c config
"C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE" "D:\ENGLISH\students\SMS 2013-2016.xls"
"C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE" "D:\ENGLISH\students\holy timetable2.xls"
taskhostw.exe
"C:\WINDOWS\system32\mspaint.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer

"C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe"
"C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXITREADER.EXE" "D:\ENG-no backup\Simplified Books\DEUTSCH\Frankenstein.pdf"
"C:\WINDOWS\system32\taskmgr.exe" /4
"C:\WINDOWS\System32\perfmon.exe" /res
"C:\WINDOWS\system32\SystemPropertiesProtection.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /uac
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="247768.0.1163322716\1152644824" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\fbart\AppData\LocalLow\Mozilla\Temp-{ffb63717-c4e7-4c15-8e04-a20ba1ebb0dd}" 247768 "\\.\pipe\gecko-crash-server-pipe.247768" gpu
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="247768.41.1940273160\1985221297" "C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 247768 "\\.\pipe\gecko-crash-server-pipe.247768" plugin
C:\WINDOWS\system32\AUDIODG.EXE 0x714
"D:\SOFTWARE\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\HPCeeScheduleForfbart.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForfbart (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default

"pdf_architect_4_conv@pdfarchitect.org"=C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDF Architect 4]
"Description"=
"Path"=C:\Program Files (x86)\PDF Architect 4\np-previewer.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-04 440712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}]
PDF Architect 4 Helper - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-04 416320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - PDF Architect 4 Toolbar - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05 547040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-30 1794936]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2016-06-30 71168]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-08-29 1489088]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-11-20 253344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\fbart\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-11-07 1685704]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-10-06 27832264]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\HP\HP 3D DriveGuard\AccelerometerST.exe [2016-07-25 129016]
"HPRadioMgr"=C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [2016-04-14 268896]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2015-12-16 110008]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2015-12-16 500152]
"O2CZ"=C:\Program Files (x86)\O2\O2CZ\EMMSN.exe [2009-11-30 4050632]
"IseUI"=C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [2017-08-08 3632848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP JumpStart Launch.lnk - c:\windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-12-01 17:20:12 ----D---- C:\rsit
2017-12-01 17:20:12 ----D---- C:\Program Files\trend micro
2017-11-28 15:50:19 ----D---- C:\ProgramData\SWCUTemp
2017-11-23 08:45:49 ----D---- C:\WINDOWS\Minidump
2017-11-20 16:35:38 ----A---- C:\WINDOWS\system32\drivers\aswArPot.sys
2017-11-20 16:35:31 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-11-19 20:47:08 ----ASH---- C:\pagefile.sys
2017-11-08 15:15:31 ----D---- C:\Users\fbart\AppData\Roaming\NVIDIA
2017-11-08 15:14:57 ----AD---- C:\Program Files (x86)\Movavi Slideshow Maker 3
2017-11-08 15:14:47 ----D---- C:\ProgramData\Movavi Slideshow Maker 3
2017-11-08 15:08:44 ----D---- C:\Users\fbart\AppData\Roaming\Amazing
2017-11-08 15:08:29 ----D---- C:\Program Files (x86)\Amazing
2017-11-07 15:25:13 ----D---- C:\Program Files (x86)\Media Freeware
2017-11-07 15:24:26 ----D---- C:\Users\fbart\AppData\Roaming\Media Freeware
2017-11-07 12:44:01 ----A---- C:\WINDOWS\system32\MicTray64.exe
2017-11-07 12:43:17 ----A---- C:\WINDOWS\system32\SETB0D9.tmp
2017-11-07 12:43:16 ----A---- C:\WINDOWS\system32\drivers\SETAE9E.tmp
2017-11-07 12:42:44 ----D---- C:\ProgramData\SoundResearch
2017-11-07 12:40:40 ----D---- C:\WINDOWS\pss
2017-11-07 12:40:29 ----D---- C:\WINDOWS\UCI
2017-11-07 12:39:47 ----A---- C:\WINDOWS\system32\drivers\CxSfPt.dat
2017-11-07 12:09:01 ----HD---- C:\$SysReset
2017-11-07 11:55:53 ----D---- C:\SWSetup
2017-11-07 11:17:16 ----D---- C:\SWSetup-old2
2017-11-07 10:08:08 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-07 10:07:07 ----D---- C:\Program Files\Common Files\Intel
2017-11-07 10:05:12 ----A---- C:\WINDOWS\system32\drivers\SET270D.tmp
2017-11-07 10:04:57 ----A---- C:\WINDOWS\system32\SETEE1D.tmp
2017-11-07 10:04:57 ----A---- C:\WINDOWS\system32\SETEDBD.tmp
2017-11-07 10:04:55 ----A---- C:\WINDOWS\system32\SETE479.tmp
2017-11-07 10:04:55 ----A---- C:\WINDOWS\system32\SETE448.tmp
2017-11-07 10:04:55 ----A---- C:\WINDOWS\system32\drivers\SETE3B7.tmp
2017-11-07 10:04:33 ----A---- C:\WINDOWS\system32\drivers\SET8F2E.tmp
2017-11-07 09:56:10 ----A---- C:\WINDOWS\system32\drivers\SETE4A7.tmp
2017-11-03 17:05:26 ----A---- C:\WINDOWS\system32\drivers\SET5F69.tmp
2017-11-03 17:05:26 ----A---- C:\WINDOWS\system32\drivers\SET5F68.tmp
2017-11-03 17:05:25 ----A---- C:\WINDOWS\system32\drivers\SET5F46.tmp
2017-11-03 16:35:08 ----A---- C:\WINDOWS\system32\drivers\SETC868.tmp

======List of files/folders modified in the last 1 month======

2017-12-01 17:20:12 ----RD---- C:\Program Files
2017-12-01 17:20:08 ----D---- C:\WINDOWS\Temp
2017-12-01 17:16:06 ----D---- C:\WINDOWS\system32\SleepStudy
2017-12-01 17:09:17 ----DC---- C:\WINDOWS\Panther
2017-12-01 17:09:17 ----D---- C:\WINDOWS\ModemLogs
2017-12-01 17:09:17 ----D---- C:\WINDOWS\LiveKernelReports
2017-12-01 17:09:17 ----D---- C:\WINDOWS\INF
2017-12-01 17:09:17 ----D---- C:\WINDOWS\debug
2017-12-01 17:09:17 ----D---- C:\Windows
2017-12-01 17:06:01 ----D---- C:\WINDOWS\system32\sru
2017-12-01 17:02:54 ----D---- C:\Users\fbart\AppData\Roaming\Skype
2017-12-01 17:01:28 ----D---- C:\WINDOWS\Prefetch
2017-12-01 16:06:46 ----D---- C:\WINDOWS\System32
2017-12-01 16:06:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-01 16:06:12 ----HD---- C:\Program Files\WindowsApps
2017-12-01 16:06:12 ----D---- C:\WINDOWS\AppReadiness
2017-12-01 09:48:15 ----D---- C:\ProgramData\Foxit Software
2017-11-30 15:37:00 ----D---- C:\WINDOWS\system32\NDF
2017-11-30 11:38:20 ----RD---- C:\WINDOWS\Microsoft.NET
2017-11-30 09:29:36 ----D---- C:\WINDOWS\Tasks
2017-11-30 09:29:36 ----D---- C:\WINDOWS\system32\Tasks
2017-11-30 09:29:13 ----SHDC---- C:\WINDOWS\Installer
2017-11-30 09:29:13 ----SHD---- C:\Config.Msi
2017-11-30 09:29:12 ----D---- C:\Program Files (x86)\Intel
2017-11-30 09:29:06 ----D---- C:\ProgramData\Package Cache
2017-11-30 09:28:59 ----D---- C:\Program Files (x86)\Common Files
2017-11-30 09:28:58 ----D---- C:\Program Files\Intel
2017-11-30 09:28:57 ----D---- C:\ProgramData\Intel
2017-11-30 09:28:35 ----D---- C:\WINDOWS\system32\DriverStore
2017-11-30 09:28:35 ----D---- C:\WINDOWS\system32\CatRoot
2017-11-30 09:28:33 ----D---- C:\WINDOWS\system32\drivers
2017-11-30 09:28:32 ----D---- C:\WINDOWS\system32\catroot2
2017-11-30 09:28:29 ----D---- C:\WINDOWS\SYSWOW64\drivers
2017-11-30 09:03:08 ----D---- C:\WINDOWS\system32\config
2017-11-30 08:56:08 ----SHD---- C:\System Volume Information
2017-11-28 15:51:27 ----D---- C:\WINDOWS\system32\WDI
2017-11-28 15:50:19 ----HD---- C:\ProgramData
2017-11-28 15:49:42 ----D---- C:\ProgramData\Synaptics
2017-11-28 10:41:12 ----D---- C:\Users\fbart\AppData\Roaming\vlc
2017-11-26 18:08:31 ----D---- C:\WINDOWS\system32\FxsTmp
2017-11-24 16:00:28 ----AD---- C:\Program Files\Opera
2017-11-24 15:57:52 ----D---- C:\WINDOWS\WinSxS
2017-11-23 08:45:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-20 19:20:46 ----D---- C:\My PDF
2017-11-19 21:09:19 ----D---- C:\WINDOWS\system32\Macromed
2017-11-19 21:09:16 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-11-19 20:48:00 ----D---- C:\Users\fbart\AppData\Roaming\Mozilla
2017-11-19 20:47:58 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-11-15 19:33:28 ----D---- C:\ProgramData\HP
2017-11-15 19:33:25 ----AD---- C:\Program Files\HP
2017-11-14 12:39:31 ----D---- C:\ProgramData\Skype
2017-11-13 21:48:22 ----RD---- C:\Program Files (x86)
2017-11-07 12:45:41 ----D---- C:\WINDOWS\SysWOW64
2017-11-07 12:45:00 ----D---- C:\WINDOWS\CxSvc
2017-11-07 12:44:44 ----A---- C:\WINDOWS\SYSWOW64\RebootPrompt.exe
2017-11-07 12:43:51 ----D---- C:\ProgramData\Conexant
2017-11-07 12:41:03 ----D---- C:\WINDOWS\system32\restore
2017-11-07 12:40:33 ----D---- C:\Program Files\CONEXANT
2017-11-07 11:54:28 ----AD---- C:\ProgramData\Ashampoo
2017-11-07 11:36:49 ----D---- C:\WINDOWS\Logs
2017-11-07 10:17:17 ----D---- C:\WINDOWS\CbsTemp
2017-11-07 10:17:07 ----D---- C:\WINDOWS\system32\MRT
2017-11-07 10:08:06 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-11-07 10:08:01 ----D---- C:\Intel
2017-11-07 10:07:07 ----D---- C:\Program Files\Common Files
2017-11-03 17:04:34 ----AD---- C:\SWSETUP-old

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-11-20 198968]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-11-20 343288]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-11-20 57728]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-11-20 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-11-20 364464]
R0 hpdskflt;@oem97.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2016-10-12 42312]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-07-01 791560]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2017-11-20 183584]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-11-20 321032]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-05 41832]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-11-20 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-11-20 1026232]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-11-20 455376]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2015-06-08 100624]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2017-08-09 40968]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2017-08-09 827864]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2017-08-09 50808]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\system32\DRIVERS\inspect.sys [2017-08-09 132904]
R1 isedrv;Internet Security Essentials; C:\WINDOWS\system32\drivers\isedrv.sys [2017-03-29 62208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-11-20 148288]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-11-20 203976]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R3 Accelerometer;@oem97.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2016-10-12 56128]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-03-18 105472]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-03-18 96768]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-03-18 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 CnxtHdAudService;@oem66.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2017-05-14 1651704]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2011-01-30 86016]
R3 ibtusb;@oem34.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-04-13 244744]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-08-12 10528752]
R3 IntcAudioBus;@oem0.inf,%IntcAudioBus.SVCDESC%;Sběrnice technologie Intel(R) Smart Sound; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [2017-02-22 238176]
R3 IntcDAud;@oem49.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-08-12 806376]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-10-17 206496]
R3 Netwtw04;@oem103.inf,%NIC_Service_DispName_WINT_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [2017-07-13 7643648]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-07-03 13624256]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-03-18 180736]
R3 rt640x64;@oem9.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-06-20 937728]
R3 RTSPER;@oem31.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2016-05-20 777944]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswHdsKe;aswHdsKe; \??\C:\WINDOWS\system32\drivers\aswHdsKe.sys [2017-10-27 105128]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-11-20 47008]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2017-06-12 980992]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-03-18 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 DAMDrv;DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [2016-08-11 76432]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ewusbmbb;@oem69.inf,%qcwwan.Service.DispName%;HUAWEI USB-WWAN miniport; C:\WINDOWS\System32\drivers\ewusbwwan.sys [2010-12-23 421376]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 Huawei;@oem47.inf,%Huawei.DeviceDesc%;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2010-10-08 32768]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2010-12-24 221312]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2016-12-29 114304]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 IntcOED;@oem12.inf,%IntcOED.SVCDESC%;Technologie Intel(R) Smart Sound OED; C:\WINDOWS\System32\drivers\IntcOED.sys [2017-05-19 751160]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 RTSUER;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-05-18 416472]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-11-20 281416]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_68a84;Uživatelská služba platformy připojených zařízení_68a84; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-10-12 7923888]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2017-08-29 10501616]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [2016-08-12 459248]
R2 CxMonSvc;CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [2017-08-29 34928]
R2 CxUtilSvc;CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [2017-08-29 149104]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DpHost;DigitalPersona Authentication Service; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [2016-07-19 527296]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2017-07-03 641704]
R2 FoxitReaderService;Foxit Reader Service; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [2017-10-29 1659456]
R2 fpCsEvtSvc;@oem37.inf,%fpCSEvtService_SvcDesc%;fpCSEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [2017-03-16 22528]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2016-06-02 892928]
R2 HP Hotkey Service;HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [2016-12-22 969536]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [2016-08-09 20376]
R2 HPJumpStartBridge;HP JumpStart Bridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [2016-06-02 459800]
R2 hpsrv;@oem97.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2016-10-12 38728]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-09-27 323952]
R2 HPTouchpointAnalyticsService;HP Touchpoint Analytics; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [2017-11-22 332216]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-06-30 17992]
R2 ibtsiva;@oem34.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-08-12 324592]
R2 isesrv;isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [2017-08-08 133840]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2017-10-23 213648]
R2 LanWlanSwitchingService;LAN/WLAN Switching Service; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [2016-12-22 602616]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2017-10-23 419984]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-06-29 1362880]
R2 OneSyncSvc_68a84;Hostitel synchronizace_68a84; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2017-07-03 158376]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-06-12 335808]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-11-20 7549928]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-08-12 284144]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-12-22 1083200]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_68a84;Data kontaktů_68a84; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-31 153752]
S2 Intel(R) TPM Provisioning Service;Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [2017-09-21 668472]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 MessagingService_68a84;Služba zasílání zpráv_68a84; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-18 52920]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2017-08-29 2876096]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_68a84;Tok zařízení_68a84; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2016-08-11 567888]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-31 153752]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-10-19 1102560]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2017-09-21 742704]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-19 194000]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2017-07-03 269480]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S4 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [2016-12-29 1038048]
S4 PDF Architect 4 Creator;PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [2016-12-29 851168]
S4 PDF Architect 4;PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2016-12-29 2438880]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: The laptop suddenly slowed down :(

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< (search) first and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

krysarr
Visitor
Posts: 293
Registered: 02 Mar 2007 12:14

Re: The laptop suddenly slowed down :(

#3 Post by krysarr »

# AdwCleaner 7.0.5.0 - Logfile created on Fri Dec 01 20:40:20 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [3081 B] - [2017/12/1 20:28:47]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: The laptop suddenly slowed down :(

#4 Post by Rudy »


krysarr
Visitor
Posts: 293
Registered: 02 Mar 2007 12:14

Re: The laptop suddenly slowed down :(

#5 Post by krysarr »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017
Ran by fbart (administrator) on DESKTOP-1NAN9QR (01-12-2017 22:31:05)
Running from C:\Users\fbart\Desktop
Loaded Profiles: fbart (Available Profiles: fbart)
Platform: Windows 10 Home Version 1703 15063.413 (X64) Language: Czech (Czech Republic)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
(Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(Intel Corporation) C:\Windows\System32\IntelCpHDCPSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(HP) C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
() C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
(Conexant) C:\Windows\System32\MicTray64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(2BrightSparks Pte. Ltd.) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
(DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(HP) C:\Program Files (x86)\HP\HP 3D DriveGuard\AccelerometerSt.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Hewlett Packard Enterprise Company) C:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\fbart\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794936 2016-06-30] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-30] (Intel Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-08-29] (COMODO)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-20] (AVAST Software)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\HP\HP 3D DriveGuard\AccelerometerST.exe [129016 2016-07-25] (HP)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [268896 2016-04-14] (HP)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-12-16] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [500152 2015-12-16] (CyberLink Corp.)
HKLM-x32\...\Run: [O2CZ] => C:\Program Files (x86)\O2\O2CZ\EMMSN.exe [4050632 2009-11-30] (Telefónica I+D)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3632848 2017-08-08] (COMODO)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-10-30]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}\HPlogo_blue.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-12-26]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk [2017-05-11]
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe (Lingea)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{5e93018d-e819-411c-a382-4ff97e6c7ce1}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{7191fe23-5f29-4c83-8116-0cf877ca686d}: [DhcpNameServer] 192.168.10.254
Tcpip\..\Interfaces\{8a386b75-748c-4b9a-b485-10037ff1581d}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{ffa86dba-3d82-4856-9162-fbb0cf3ea26b}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-04] (HP Inc.)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-04] (HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5idlmvdg.default
FF ProfilePath: C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default [2017-12-01]
FF Extension: (Avast SafePrice) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\sp@avast.com.xpi [2017-11-24]
FF Extension: (Avast Online Security) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\wrc@avast.com.xpi [2017-10-18]
FF Extension: (Docs Online Viewer) - C:\Users\fbart\AppData\Roaming\Mozilla\Firefox\Profiles\5idlmvdg.default\Extensions\{bfb54675-2fd9-4e22-949d-c36333aff6b5}.xpi [2017-03-03]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-12-29] [Lagacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-11-07] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-07] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2002658774-1703651359-3694545506-1002: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default [2017-12-01]
CHR Extension: (Slides) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-31]
CHR Extension: (YouTube) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-31]
CHR Extension: (Avast SafePrice) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-11-28]
CHR Extension: (Sheets) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-13]
CHR Extension: (Avast Online Security) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-05]
CHR Extension: (Gmail) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\fbart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2016-12-26]

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-20] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-20] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923888 2017-10-12] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10501616 2017-08-29] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-08-29] (COMODO)
R2 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [459248 2016-08-12] (Intel Corporation)
R2 CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [34928 2017-08-29] (Conexant Systems, Inc)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [149104 2017-08-29] (Conexant Systems, Inc.)
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [527296 2016-07-19] (Crossmatch, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567888 2016-08-11] (Hewlett-Packard Company)
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22528 2017-03-16] ()
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [892928 2016-06-02] (HP Inc.) [File not signed]
R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [969536 2016-12-22] (HP)
R2 HpDamServiceHost; c:\Program Files (x86)\HP\HP Device Access Manager\HPE.DeviceAccessManager.ServiceHost.exe [20376 2016-08-09] (Hewlett Packard Enterprise Company)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [459800 2016-06-02] (HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1083200 2016-12-22] (HP)
S3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102560 2015-10-19] (HP)
R2 hpsrv; C:\WINDOWS\system32\Hpservice.exe [38728 2016-10-12] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [324592 2016-08-12] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [133840 2017-08-08] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-10-23] (Intel Corporation)
R2 LanWlanSwitchingService; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [602616 2016-12-22] (HP)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-07-03] ()
S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-12-29] (pdfforge GmbH)
S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-12-29] (pdfforge GmbH)
S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-12-29] (pdfforge GmbH)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [272472 2017-08-17] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82944 2017-03-16] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3755176 2017-07-03] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 UIUService; %SystemRoot%\system32\UIUSrv.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [56128 2016-10-12] (HP)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-20] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-20] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-20] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-20] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-20] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [105128 2017-10-27] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-20] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-05] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-20] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-20] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-20] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-20] (AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-20] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-20] (AVAST Software)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40968 2017-08-09] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [827864 2017-08-09] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-08-09] (COMODO)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [1651704 2017-05-14] (Conexant Systems Inc.)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [76432 2016-08-11] (Hewlett-Packard Enterpise Company)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [42312 2016-10-12] (HP)
S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2016-12-29] (Huawei Technologies Co., Ltd.) [File not signed]
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-08-09] (COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7643648 2017-07-13] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-06-20] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-05-20] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-18] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [54880 2017-08-17] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-04-06] (Sunplus Innovation Technology Inc.)
S3 VBAudioVACMME; C:\WINDOWS\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-01 22:31 - 2017-12-01 22:31 - 000024722 _____ C:\Users\fbart\Desktop\FRST.txt
2017-12-01 22:30 - 2017-12-01 22:31 - 000000000 ____D C:\FRST
2017-12-01 22:28 - 2017-12-01 22:28 - 000112640 _____ (forum.viry.cz) C:\Users\fbart\Desktop\FRSTLauncher.exe
2017-12-01 22:27 - 2017-12-01 22:27 - 002391552 _____ (Farbar) C:\Users\fbart\Desktop\FRST64.exe
2017-12-01 21:41 - 2017-12-01 21:41 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-12-01 21:22 - 2017-12-01 21:40 - 000000000 ____D C:\AdwCleaner
2017-12-01 21:21 - 2017-12-01 21:21 - 008187336 _____ (Malwarebytes) C:\Users\fbart\Desktop\adwcleaner_7.0.5.0.exe
2017-12-01 17:20 - 2017-12-01 17:20 - 000000000 ____D C:\rsit
2017-12-01 17:20 - 2017-12-01 17:20 - 000000000 ____D C:\Program Files\trend micro
2017-12-01 09:48 - 2017-12-01 09:48 - 000002229 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-12-01 09:48 - 2017-12-01 09:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-11-28 11:32 - 2017-11-28 11:32 - 000000000 ____D C:\Users\fbart\Downloads\Black Cat reading training 6 Wuthering Heights
2017-11-28 10:27 - 2017-11-28 10:27 - 000000000 ____D C:\Users\fbart\Downloads\Black Cat 4 www frenglish ru Gullivers Travel
2017-11-28 10:14 - 2017-11-28 10:14 - 000002212 _____ C:\Users\fbart\Desktop\JDownloader 2.lnk
2017-11-28 10:14 - 2017-11-28 10:14 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-11-28 10:12 - 2017-11-28 13:15 - 000000000 ____D C:\Users\fbart\AppData\Local\JDownloader v2.0
2017-11-23 08:45 - 2017-12-01 17:09 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-20 16:35 - 2017-11-20 16:35 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-11-20 16:35 - 2017-11-20 16:35 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2017-11-15 19:38 - 2017-12-01 21:41 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForfbart.job
2017-11-15 19:38 - 2017-11-30 09:29 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForfbart
2017-11-14 09:59 - 2017-12-01 21:13 - 000098816 ___SH C:\Users\fbart\Desktop\Thumbs.db
2017-11-08 15:46 - 2017-11-08 15:46 - 000000000 ____D C:\Users\fbart\.fontconfig
2017-11-08 15:15 - 2017-11-08 15:46 - 000000000 ____D C:\Users\fbart\AppData\Roaming\NVIDIA
2017-11-08 15:15 - 2017-11-08 15:15 - 000001229 _____ C:\Users\Public\Desktop\Movavi Slideshow Maker 3.lnk
2017-11-08 15:15 - 2017-11-08 15:15 - 000000000 ____D C:\Users\fbart\AppData\Local\SlideshowMaker
2017-11-08 15:15 - 2017-11-08 15:15 - 000000000 ____D C:\Users\fbart\AppData\Local\Movavi
2017-11-08 15:15 - 2017-11-08 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Slideshow Maker 3
2017-11-08 15:14 - 2017-11-08 15:15 - 000000000 ____D C:\Program Files (x86)\Movavi Slideshow Maker 3
2017-11-08 15:14 - 2017-11-08 15:14 - 000004965 _____ C:\ProgramData\nkqvxvck.cou
2017-11-08 15:14 - 2017-11-08 15:14 - 000000016 _____ C:\ProgramData\mntemp
2017-11-08 15:14 - 2017-11-08 15:14 - 000000000 ____D C:\ProgramData\Movavi Slideshow Maker 3
2017-11-08 15:08 - 2017-11-08 15:08 - 000001297 _____ C:\Users\Public\Desktop\Free Slideshow Maker.lnk
2017-11-08 15:08 - 2017-11-08 15:08 - 000000000 ____D C:\Users\fbart\Documents\Free Slideshow Maker
2017-11-08 15:08 - 2017-11-08 15:08 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Amazing
2017-11-08 15:08 - 2017-11-08 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazing
2017-11-08 15:08 - 2017-11-08 15:08 - 000000000 ____D C:\Program Files (x86)\Amazing
2017-11-07 15:30 - 2017-11-07 15:30 - 000000000 ____D C:\Users\fbart\AppData\Local\Spoon
2017-11-07 15:25 - 2017-11-12 18:12 - 000001460 _____ C:\Users\Public\Desktop\Free DOCX To DOC Converter.lnk
2017-11-07 15:25 - 2017-11-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free DOCX To DOC Converter
2017-11-07 15:25 - 2017-11-07 15:25 - 000000000 ____D C:\Program Files (x86)\Media Freeware
2017-11-07 15:24 - 2017-11-07 15:24 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Media Freeware
2017-11-07 12:44 - 2017-09-07 14:58 - 000002988 _____ C:\WINDOWS\system32\MicTray64.xml
2017-11-07 12:44 - 2017-09-05 14:39 - 002783824 _____ (Conexant) C:\WINDOWS\system32\MicTray64.exe
2017-11-07 12:44 - 2016-11-29 15:26 - 000007260 _____ C:\WINDOWS\system32\cxapo.prop
2017-11-07 12:43 - 2017-11-07 12:43 - 000000000 _____ C:\WINDOWS\system32\SETB0D9.tmp
2017-11-07 12:43 - 2017-11-07 12:43 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETAE9E.tmp
2017-11-07 12:42 - 2017-11-07 12:42 - 000000000 ____D C:\ProgramData\SoundResearch
2017-11-07 12:40 - 2017-11-07 12:40 - 000000000 ____D C:\WINDOWS\UCI
2017-11-07 12:40 - 2017-11-07 12:40 - 000000000 ____D C:\WINDOWS\pss
2017-11-07 12:39 - 2016-09-20 13:51 - 000004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat
2017-11-07 12:09 - 2017-11-07 12:09 - 000000000 ___HD C:\$SysReset
2017-11-07 11:55 - 2017-11-30 09:28 - 000000000 ____D C:\SWSetup
2017-11-07 11:47 - 2017-11-07 11:47 - 000015940 _____ C:\Users\fbart\Documents\install.txt
2017-11-07 11:30 - 2017-11-07 11:30 - 000000000 _____ C:\Users\fbart\Desktop\Notebook HP ProBook 450 G4.txt
2017-11-07 11:17 - 2017-11-07 11:37 - 000000000 ____D C:\SWSetup-old2
2017-11-07 11:15 - 2017-11-07 11:15 - 000000282 _____ C:\Users\fbart\Documents\cc_20171107_111532.reg
2017-11-07 10:50 - 2017-11-07 10:50 - 000007876 _____ C:\Users\fbart\Documents\cc_20171107_105022.reg
2017-11-07 10:48 - 2017-11-07 10:48 - 000404424 _____ C:\Users\fbart\Documents\cc_20171107_104829.reg
2017-11-07 10:08 - 2017-11-07 10:08 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-07 10:07 - 2017-11-07 10:07 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-11-07 10:05 - 2017-11-07 10:05 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET270D.tmp
2017-11-07 10:04 - 2017-11-07 10:04 - 000000000 _____ C:\WINDOWS\system32\SETEE1D.tmp
2017-11-07 10:04 - 2017-11-07 10:04 - 000000000 _____ C:\WINDOWS\system32\SETEDBD.tmp
2017-11-07 10:04 - 2017-11-07 10:04 - 000000000 _____ C:\WINDOWS\system32\SETE479.tmp
2017-11-07 10:04 - 2017-11-07 10:04 - 000000000 _____ C:\WINDOWS\system32\SETE448.tmp
2017-11-07 10:04 - 2017-11-07 10:04 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETE3B7.tmp
2017-11-07 10:04 - 2017-11-07 10:04 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET8F2E.tmp
2017-11-07 09:56 - 2017-11-07 09:56 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETE4A7.tmp
2017-11-03 17:05 - 2017-11-03 17:05 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5F69.tmp
2017-11-03 17:05 - 2017-11-03 17:05 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5F68.tmp
2017-11-03 17:05 - 2017-11-03 17:05 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5F46.tmp
2017-11-03 16:35 - 2017-11-03 16:35 - 000000000 _____ C:\WINDOWS\system32\Drivers\SETC868.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-01 22:28 - 2016-12-20 22:41 - 000000000 ____D C:\Users\fbart\AppData\LocalLow\Mozilla
2017-12-01 22:21 - 2017-06-12 18:14 - 002673844 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-01 22:21 - 2017-03-20 05:43 - 001558006 _____ C:\WINDOWS\system32\perfh005.dat
2017-12-01 22:21 - 2017-03-20 05:43 - 000518960 _____ C:\WINDOWS\system32\perfc005.dat
2017-12-01 22:20 - 2017-06-12 18:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-01 21:41 - 2017-06-12 18:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-01 21:41 - 2017-06-12 18:13 - 000000000 ____D C:\ProgramData\Synaptics
2017-12-01 21:41 - 2016-12-20 22:34 - 000000000 __SHD C:\Users\fbart\IntelGraphicsProfiles
2017-12-01 21:40 - 2017-03-18 12:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-12-01 21:21 - 2016-12-26 16:31 - 000000000 ____D C:\Users\fbart\AppData\Roaming\vlc
2017-12-01 21:15 - 2017-01-09 21:48 - 000007608 _____ C:\Users\fbart\AppData\Local\Resmon.ResmonCfg
2017-12-01 21:14 - 2016-12-30 20:15 - 000000000 ____D C:\Users\fbart\Documents\Lexicon
2017-12-01 17:09 - 2017-06-02 08:53 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-01 17:09 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-01 17:09 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-01 17:09 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-01 17:02 - 2017-06-12 18:21 - 000003366 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1487236436
2017-12-01 17:02 - 2016-12-20 22:37 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Skype
2017-12-01 16:06 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-01 16:06 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-01 09:48 - 2016-12-29 14:44 - 000000000 ____D C:\ProgramData\Foxit Software
2017-11-30 15:37 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-30 09:29 - 2017-06-12 18:21 - 000003738 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2017-11-30 09:29 - 2017-06-12 18:12 - 000000000 ____D C:\Program Files (x86)\Intel
2017-11-30 09:29 - 2016-04-02 03:17 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-30 09:28 - 2017-06-12 18:12 - 000000000 ____D C:\Program Files\Intel
2017-11-30 09:28 - 2016-10-29 23:39 - 000000000 ____D C:\ProgramData\Intel
2017-11-28 15:48 - 2017-06-12 18:14 - 000000000 ____D C:\Users\fbart
2017-11-26 18:08 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-11-24 16:00 - 2017-06-28 13:38 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2017-11-24 16:00 - 2017-02-16 10:12 - 000000000 ____D C:\Program Files\Opera
2017-11-23 08:45 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-20 19:20 - 2017-01-12 16:34 - 000000000 ____D C:\My PDF
2017-11-20 16:35 - 2017-06-12 18:21 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-11-20 16:35 - 2017-06-08 10:47 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-11-20 16:35 - 2017-03-21 16:51 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-11-20 16:35 - 2017-03-21 16:51 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-11-20 16:35 - 2017-03-21 16:51 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-11-20 16:35 - 2017-03-21 16:51 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-11-20 16:35 - 2016-12-20 22:57 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-11-20 16:35 - 2016-12-20 22:57 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151119214498404
2017-11-20 16:35 - 2016-12-20 22:57 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-11-20 16:35 - 2016-12-20 22:57 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-11-20 16:35 - 2016-12-20 22:57 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-11-20 16:35 - 2016-12-20 22:57 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-11-20 16:35 - 2016-12-20 22:57 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-11-20 16:35 - 2016-12-20 22:57 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-11-20 16:35 - 2016-12-20 22:57 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-11-19 21:09 - 2017-06-12 18:21 - 000004602 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-19 21:09 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-19 21:09 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-19 21:09 - 2016-12-20 23:40 - 000000000 ____D C:\Users\fbart\AppData\Local\Adobe
2017-11-19 20:48 - 2016-12-20 22:40 - 000000000 ____D C:\Users\fbart\AppData\Roaming\Mozilla
2017-11-19 20:47 - 2016-12-20 22:40 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-19 20:47 - 2016-12-20 22:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-15 19:33 - 2016-10-29 23:26 - 000000000 ____D C:\ProgramData\HP
2017-11-15 19:33 - 2016-09-02 09:01 - 000000000 ____D C:\Program Files\HP
2017-11-14 12:39 - 2017-01-13 14:06 - 000000000 ____D C:\ProgramData\Skype
2017-11-13 21:53 - 2016-12-31 22:30 - 000002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-13 21:53 - 2016-12-31 22:30 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-13 21:48 - 2017-06-12 18:21 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-13 21:48 - 2017-06-12 18:21 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-08 13:34 - 2016-12-20 22:34 - 000000000 ____D C:\Users\fbart\AppData\Local\Packages
2017-11-07 12:45 - 2017-06-12 18:13 - 000000000 ____D C:\WINDOWS\CxSvc
2017-11-07 12:45 - 2016-12-20 22:37 - 000000000 ____D C:\Users\fbart\AppData\Local\Conexant
2017-11-07 12:44 - 2017-06-12 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-11-07 12:44 - 2017-06-12 18:12 - 001705080 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe
2017-11-07 12:43 - 2017-06-12 18:13 - 000000000 ____D C:\ProgramData\Conexant
2017-11-07 12:40 - 2017-06-12 18:12 - 000000000 ____D C:\Program Files\CONEXANT
2017-11-07 11:54 - 2017-10-25 11:33 - 000000000 ____D C:\ProgramData\Ashampoo
2017-11-07 11:23 - 2016-12-20 22:37 - 000000000 ___RD C:\Users\fbart\OneDrive
2017-11-07 10:25 - 2017-07-28 08:31 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2002658774-1703651359-3694545506-1002
2017-11-07 10:25 - 2016-12-20 22:37 - 000002420 _____ C:\Users\fbart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-07 10:17 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-07 10:17 - 2016-12-22 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-07 10:08 - 2016-12-22 19:42 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-07 10:08 - 2016-10-29 23:18 - 000000000 ____D C:\Intel
2017-11-03 17:04 - 2016-04-02 03:25 - 000000000 ____D C:\SWSETUP-old
2017-11-03 16:39 - 2016-12-27 22:22 - 000000000 ____D C:\Users\fbart\AppData\Local\ElevatedDiagnostics
2017-11-03 16:18 - 2017-06-12 18:11 - 000411552 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2017-01-09 21:48 - 2017-12-01 21:15 - 000007608 _____ () C:\Users\fbart\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-09-05 13:36 - 2017-08-21 17:01 - 003700288 _____ (Foxit Corporation) C:\Users\fbart\AppData\Local\Temp\FoxitUpdater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-23 14:04

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows) (Fixed) (Total:115.8 GB) (Free:56.21 GB) NTFS
Drive d: (DATADRIVE0) (Fixed) (Total:931.39 GB) (Free:645.35 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32

Available physical RAM: 1207.86 MB
Total physical RAM: 2959.75 MB
Percentage of memory in use: 59%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 931.5 GB) (Disk ID: CB272412)
Disk: 1 (Size: 119.2 GB) (Disk ID: A4776A55)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForfbart.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DextUVCB_x64.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dopdfmi7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dopdfmn7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VCamPPage_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZLhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZSHP1020.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DextUVCB.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr70.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VCamPPage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ewusbdev.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET7C3C.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SPUVCBv64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\fbart\Desktop\revize plynu.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\fbart\Desktop\revize plynu.pdf:$CmdZnID [26]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\fbart\Desktop" je 11 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Notebook suddenly slowed down :(

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
C:\WINDOWS\system32\SETB0D9.tmp
C:\WINDOWS\system32\Drivers\SET270D.tmp
C:\WINDOWS\system32\SETEE1D.tmp
C:\WINDOWS\system32\SETEDBD.tmp
C:\WINDOWS\system32\SETE479.tmp
C:\WINDOWS\system32\SETE448.tmp
C:\WINDOWS\system32\Drivers\SETE3B7.tmp
C:\WINDOWS\system32\Drivers\SET8F2E.tmp
C:\WINDOWS\system32\Drivers\SETE4A7.tmp
C:\WINDOWS\system32\Drivers\SET5F69.tmp
C:\WINDOWS\system32\Drivers\SET5F68.tmp
C:\WINDOWS\system32\Drivers\SET5F46.tmp
C:\WINDOWS\system32\Drivers\SETC868.tmp
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\fbart\AppData\Local\Temp
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DextUVCB_x64.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dopdfmi7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dopdfmn7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VCamPPage_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZLhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZSHP1020.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DextUVCB.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr70.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VCamPPage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ewusbdev.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET7C3C.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SPUVCBv64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\fbart\Desktop\revize plynu.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\fbart\Desktop\revize plynu.pdf:$CmdZnID [26]

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

krysarr
Visitor
Posts: 293
Joined: 02 Mar 2007 12:14

Re: Notebook suddenly slowed down :(

#7 Post by krysarr »

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by fbart (02-12-2017 23:57:58) Run:1
Running from C:\Users\fbart\Desktop
Loaded Profiles: fbart (Available Profiles: fbart)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
C:\WINDOWS\system32\SETB0D9.tmp
C:\WINDOWS\system32\Drivers\SET270D.tmp
C:\WINDOWS\system32\SETEE1D.tmp
C:\WINDOWS\system32\SETEDBD.tmp
C:\WINDOWS\system32\SETE479.tmp
C:\WINDOWS\system32\SETE448.tmp
C:\WINDOWS\system32\Drivers\SETE3B7.tmp
C:\WINDOWS\system32\Drivers\SET8F2E.tmp
C:\WINDOWS\system32\Drivers\SETE4A7.tmp
C:\WINDOWS\system32\Drivers\SET5F69.tmp
C:\WINDOWS\system32\Drivers\SET5F68.tmp
C:\WINDOWS\system32\Drivers\SET5F46.tmp
C:\WINDOWS\system32\Drivers\SETC868.tmp
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\fbart\AppData\Local\Temp
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DextUVCB_x64.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dopdfmi7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dopdfmn7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VCamPPage_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZLhp1020.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ZSHP1020.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DextUVCB.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr70.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VCamPPage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ewusbdev.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SET7C3C.tmp:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SPUVCBv64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\fbart\Desktop\revize plynu.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\fbart\Desktop\revize plynu.pdf:$CmdZnID [26]

EmptyTemp:
End
*****************

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-21-2002658774-1703651359-3694545506-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
C:\WINDOWS\system32\SETB0D9.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET270D.tmp => moved successfully
C:\WINDOWS\system32\SETEE1D.tmp => moved successfully
C:\WINDOWS\system32\SETEDBD.tmp => moved successfully
C:\WINDOWS\system32\SETE479.tmp => moved successfully
C:\WINDOWS\system32\SETE448.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SETE3B7.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET8F2E.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SETE4A7.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET5F69.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET5F68.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SET5F46.tmp => moved successfully
C:\WINDOWS\system32\Drivers\SETC868.tmp => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\fbart\AppData\Local\Temp => moved successfully
C:\WINDOWS\system32\cdpreference.exe => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\DextUVCB_x64.ax => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\dopdfmi7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\dopdfmn7.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\VCamPPage_x64.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ZLhp1020.DLL => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\ZSHP1020.EXE => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\DextUVCB.ax => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\indexeddbserver.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\msvcr70.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\SysWOW64\VCamPPage.dll => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\ewusbdev.sys => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\SET7C3C.tmp => ":$CmdTcID" ADS could not remove.
C:\WINDOWS\system32\Drivers\SPUVCBv64.sys => ":$CmdTcID" ADS could not remove.
C:\Users\fbart\Desktop\revize plynu.pdf => ":$CmdTcID" ADS could not remove.
C:\Users\fbart\Desktop\revize plynu.pdf => ":$CmdZnID" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 77423540 B
Java, Flash, Steam htmlcache => 737 B
Windows/system/drivers => 615678 B
Edge => 991 B
Chrome => 9247133 B
Firefox => 79261683 B
Opera => 560930 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4898 B
NetworkService => 0 B
fbart => 5115551 B

RecycleBin => 149689726 B
EmptyTemp: => 317 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:58:29 ====

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop suddenly slowed down :(

#8 Post by Rudy »

OK. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

krysarr
Visitor
Posts: 293
Joined: 02 Mar 2007 12:14

Re: Laptop suddenly slowed down :(

#9 Post by krysarr »

Everything seems fine so far. If any other problem shows up, I'll let you know.

Thank you very much for your help! :)

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop suddenly slowed down :(

#10 Post by Rudy »

I'm glad to hear that. You're welcome! :)