Dobrý den, pc je hodně pomalý, prosím o kontrolu logu: Díky
Logfile of random's system information tool 1.16 (written by random/random)
Run by Ivka at 2018-04-28 16:10:11
Microsoft Windows 8.1 Pro
System drive C: has 190 GB (72%) free of 265 GB
Total RAM: 3993 MB (36% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:10:14, on 28. 4. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\Ivka_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [SBrowserCheck] "%ALLUSERSPROFILE%\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe" /s /run_source=av_update /runonce /cgid 101
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_7C6C907CA581A68684E5030D0ECE19C6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Ivka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Ivka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} (GTileContainerCtl Class) - http://212.4.154.47/webviewer.cab
O16 - DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} (GVersionManager Class) - http://212.4.154.47/GVersionMan.cab
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem1.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9592 bytes
====== Enumerating Processes ======
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhostex.exe
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Ivka\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Ivka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Ivka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.139 --initial-client-data=0x23c,0x238,0x230,0x1ec,0x240,0x7ff8e07e3218,0x7ff8e07e3228,0x7ff8e07e3238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6700 --on-initialized-event-handle=748 --parent-handle=752 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1412,12116980595253702114,15364164942984993177,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=B091A340722F3F341B461B3E3F193853 --mojo-platform-channel-handle=1528 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,12116980595253702114,15364164942984993177,131072 --service-pipe-token=A0C3F8A16257A3FC691B68BFC41AD1B6 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=A0C3F8A16257A3FC691B68BFC41AD1B6 --renderer-client-id=3 --mojo-platform-channel-handle=2672 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,12116980595253702114,15364164942984993177,131072 --service-pipe-token=ED649543F244E5470CE1A8A018A3C00C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=ED649543F244E5470CE1A8A018A3C00C --renderer-client-id=6 --mojo-platform-channel-handle=5340 /prefetch:1
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\dashost.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,12116980595253702114,15364164942984993177,131072 --service-pipe-token=37056F783FB0F5AB0B9E4BE43E2D2569 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=37056F783FB0F5AB0B9E4BE43E2D2569 --renderer-client-id=13 --mojo-platform-channel-handle=5224 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,12116980595253702114,15364164942984993177,131072 --service-pipe-token=4FE94BC71F606BEEA4DCE9698CFF5AF2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=4FE94BC71F606BEEA4DCE9698CFF5AF2 --renderer-client-id=15 --mojo-platform-channel-handle=4076 /prefetch:1
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e625768f-1363-4702-b26c-c8ee6dcd005b -SystemEventPortName:HostProcess-475eb5ba-0627-4be6-b001-c264aa3c7ccc -IoCancelEventPortName:HostProcess-47211100-9f2b-4880-bf84-b884cda26833 -NonStateChangingEventPortName:HostProcess-2ac1b80a-40dd-4588-87c1-2c499c8916e0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9196d1db-6934-41c5-885b-2a39d1321d11 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,12116980595253702114,15364164942984993177,131072 --service-pipe-token=2A024FF60EB2EDD1F555153F414E0EE6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=2A024FF60EB2EDD1F555153F414E0EE6 --renderer-client-id=19 --mojo-platform-channel-handle=5260 /prefetch:1
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Ivka\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
====== Scheduled tasks folder ======
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Driver Booster SkipUAC (Ivka) - C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-1624803748-2227083184-3933870540-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1468387076 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1503995509 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\Windows\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\Windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\Windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\Windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\Windows\system32\tasks\AVAST Software\Overseer - C:\Program Files\Common Files\avast software\overseer\overseer.exe
=========Google Chrome=========
C:\Users\Ivka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aminlpmkfcdibgpgfajlgnamicjckkjf 2 Поиск Яндекса 1.0.3
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.579
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.8
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 0 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.28.0
Extension gomekmidlodglbbmalcneegieacbdmki 2 avast! Online Security 9.0.2021.112
Extension hibdhkmhlcalcpgmpgmiabihphalngjl
Extension jdkihdhlegcdggknokfekoemkjjnjhgi 2 Стартовая — Яндекс 1.0.3
Extension kijomcfcibjpffbhooigkoajlhebpkoo
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mmimngoggfoobjdlefbcabngfnmieonb 1 Google Play Books 1.1.14
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam doplněk - Esko 4.2.3
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 0 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Homepage:
default_search_provider.search_url:
C:\Users\Ivka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-04-28 938712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-18 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-04-28 812248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-18 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KONICA MINOLTA PagePro 1350WStatusDisplay"=C:\Windows\system32\MSTM64_Q.EXE [2014-09-17 247224]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-11-01 176440]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05 315880]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-04-28 242392]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ASYNCMAC"=streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},C:\Windows\INF\netrasa.inf,Ndis-Mp-AsyncMac []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-10-18 801816]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-04-12 18334528]
"GoogleChromeAutoLaunch_7C6C907CA581A68684E5030D0ECE19C6"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2018-04-26 1586008]
"cz.seznam.software.autoupdate"=C:\Users\Ivka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Ivka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2013-10-18 801816]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"ToolboxFX"=C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [2010-10-25 58936]
"Reader Library Launcher"=C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [2010-07-13 906648]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-04-23 3642688]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SBrowserCheck"=C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2018-04-28 4788840]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2018-04-28 16:10:11 ----D---- C:\rsit
2018-04-28 14:18:29 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-04-28 14:18:28 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-04-28 14:18:12 ----A---- C:\Windows\system32\aswBoot.exe
2018-04-28 09:09:45 ----A---- C:\Windows\system32\drivers\mbam.sys
2018-04-28 09:09:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2018-04-28 09:09:35 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2018-04-28 09:09:35 ----A---- C:\Windows\system32\drivers\farflt.sys
2018-04-28 09:09:31 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-04-23 12:15:28 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2018-04-23 12:15:28 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2018-04-23 12:15:28 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2018-04-23 12:15:28 ----A---- C:\Windows\system32\DbxSvc.exe
====== List of files/folders modified in the last 1 month ======
2018-04-28 16:10:14 ----D---- C:\Windows\Prefetch
2018-04-28 16:10:13 ----D---- C:\Program Files\trend micro
2018-04-28 16:07:48 ----D---- C:\Windows\Temp
2018-04-28 16:00:04 ----D---- C:\Windows\system32\sru
2018-04-28 15:33:22 ----SHD---- C:\Windows\Installer
2018-04-28 15:32:33 ----D---- C:\Program Files (x86)\WinRAR
2018-04-28 15:28:30 ----D---- C:\Windows
2018-04-28 15:09:42 ----D---- C:\Windows\Inf
2018-04-28 15:09:41 ----D---- C:\Windows\SoftwareDistribution
2018-04-28 15:09:34 ----RD---- C:\Program Files
2018-04-28 15:04:19 ----SHD---- C:\System Volume Information
2018-04-28 15:04:08 ----RD---- C:\Program Files (x86)
2018-04-28 15:01:58 ----D---- C:\Windows\system32\Tasks
2018-04-28 14:58:26 ----D---- C:\Windows\system32\config
2018-04-28 14:56:37 ----D---- C:\Program Files\CCleaner
2018-04-28 14:56:23 ----D---- C:\Windows\WinSxS
2018-04-28 14:56:23 ----D---- C:\Windows\SysWOW64
2018-04-28 14:56:20 ----D---- C:\Windows\system32\DriverStore
2018-04-28 14:56:05 ----D---- C:\Windows\CbsTemp
2018-04-28 14:41:20 ----D---- C:\Windows\system32\drivers
2018-04-28 14:18:12 ----RD---- C:\Windows\System32
2018-04-28 14:17:11 ----D---- C:\ProgramData\AVAST Software
2018-04-28 14:09:51 ----D---- C:\Windows\Minidump
2018-04-28 14:06:56 ----D---- C:\Users\Ivka\AppData\Roaming\Ahnenblatt
2018-04-28 14:06:20 ----D---- C:\Windows\Tasks
2018-04-28 13:48:05 ----D---- C:\Program Files (x86)\DriverToolkit
2018-04-28 13:37:53 ----D---- C:\Windows\Microsoft.NET
2018-04-28 13:19:56 ----D---- C:\Users\Ivka\AppData\Roaming\vlc
2018-04-28 09:09:24 ----HD---- C:\ProgramData
2018-04-27 18:54:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-04-26 20:07:22 ----D---- C:\Program Files (x86)\Dropbox
2018-04-12 09:37:44 ----HD---- C:\Program Files\WindowsApps
2018-04-12 09:37:44 ----D---- C:\Windows\AppReadiness
2018-04-03 03:01:48 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-04-01 10:33:43 ----D---- C:\Users\Ivka\AppData\Roaming\Ancestry
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-04-28 199440]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-04-28 343752]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-04-28 57680]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-04-28 84368]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-04-28 380528]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-04-28 253664]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-04-28 196640]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-04-28 227504]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-04-28 227784]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-08-16 41800]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-04-28 111352]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-04-28 1026696]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-04-28 460520]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2018-03-19 76192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-01-03 27552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-04-28 147224]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-04-28 205976]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2018-04-28 193768]
R3 bcbtums;@oem1.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-09-04 170712]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\Windows\system32\drivers\BthA2DP.sys [2015-01-30 132608]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\Windows\system32\DRIVERS\BthHfAud.sys [2014-10-08 32768]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 - ovladač I pro síťová připojení PCI Express; C:\Windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-05-21 3791872]
R3 iwdbus;@oem6.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 MarvinBus;@oem13.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\Windows\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2018-04-28 112864]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2018-04-28 44768]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2018-04-28 102112]
R3 MEIx64;@oem3.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-12-19 99288]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTSPER;@oem11.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-01-03 465624]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\Windows\syswow64\MLPTDR_Q.SYS [2014-09-17 18848]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-04-28 46968]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem1.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2013-09-04 166104]
S3 dg_ssudbus;@oem10.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 intaud_WaveExtensible;@oem5.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 Netaapl;@oem48.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2015-11-05 23040]
S3 RimUsb;@oem43.inf,%RimUsb.DeviceDesc%;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 ssudmdm;@oem18.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 ssudserd;@oem36.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 USBAAPL64;@oem47.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-11-05 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\apphostsvc.dll
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-09-22 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-04-28 313640]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-05-21 314696]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-03-27 6479136]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-04-28 7603408]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-01-05 2319848]
S2 BcmBtRSupport;@oem1.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-09-04 2252504]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-30 143144]
S2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2018-04-23 51024]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-05-02 164864]
S2 Net Driver HPZ12;Net Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZinw12.dll
S2 Pml Driver HPZ12;Pml Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZipm12.dll
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-10-20 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-05-21 278344]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-30 143144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-06-05 1004960]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-11-01 651576]
S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2010-04-02 73728]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pooooomalý ntb
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pooooomalý ntb
Ahoj 
Ak nepouzivas, odorucam odinstalovat Seznam Software (Seznam Listicka).
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Ak nepouzivas, odorucam odinstalovat Seznam Software (Seznam Listicka). Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Pooooomalý ntb
# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build: 04-12-2018
# Database: 2018-04-27.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-28-2018
# Duration: 00:00:05
# OS: Windows 8.1 Pro
# Cleaned: 13
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
Deleted C:\Program Files (x86)\DriverToolkit
Deleted C:\Users\Ivka\AppData\Local\DriverToolkit
***** [ Files ] *****
Deleted C:\Users\Ivka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DriverUpdaterPro.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\Tasks\DRIVERTOOLKIT AUTORUN.job
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
Deleted HKCU\Software\DriverUpdaterPro
***** [ Chromium (and derivatives) ] *****
Deleted ????? ???????
Deleted ????????? — ??????
Deleted ????????? — ??????
Deleted ????? ???????
Deleted MSN Homepage & Bing Search Engine
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build: 04-12-2018
# Database: 2018-04-27.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-28-2018
# Duration: 00:00:05
# OS: Windows 8.1 Pro
# Cleaned: 13
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
Deleted C:\Program Files (x86)\DriverToolkit
Deleted C:\Users\Ivka\AppData\Local\DriverToolkit
***** [ Files ] *****
Deleted C:\Users\Ivka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DriverUpdaterPro.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\Tasks\DRIVERTOOLKIT AUTORUN.job
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
Deleted HKCU\Software\DriverUpdaterPro
***** [ Chromium (and derivatives) ] *****
Deleted ????? ???????
Deleted ????????? — ??????
Deleted ????????? — ??????
Deleted ????? ???????
Deleted MSN Homepage & Bing Search Engine
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
Re: Pooooomalý ntb
Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707 V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST. Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pooooomalý ntb
Omluva za vstup. prosím, abyste sem dával post s vaším problémem pouze 1x. To nám stačí. Kdo to má pak mazat?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?