Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomaly notebuk-cekani na mezipamet

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
P.Stiller
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 20 srp 2009 15:46

Pomaly notebuk-cekani na mezipamet

#1 Příspěvek od P.Stiller »

Logfile of random's system information tool 1.10 (written by random/random)
Run by still at 2018-06-14 12:53:53
Microsoft Windows 10 Home
System drive C: has 740 GB (79%) free of 938 GB
Total RAM: 3982 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:54:04, on 14.06.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
C:\Games\World_of_Tanks\WargamingGameUpdater.exe
C:\Users\still\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Program Files\trend micro\still.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPRadioMgr] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
O4 - HKLM\..\Run: [RtlS5Wake] C:\PROGRA~2\Realtek\PCIEWI~1\RTLS5W~1\RtlS5Wake.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\still\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\still\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\still\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Realtek Semiconductor Corp. - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - HP Inc. - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Service Controller (mfemms) - McAfee LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12495 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
dashost.exe {d9d85df9-1ab9-469b-9e77c58e3ca8dbeb}
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp

C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
atieclxx
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\WLANExt.exe 2259963831088
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\syswow64\svchost.exe -k hpdevmgmt -s hpqddsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -s W32Time
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe"
C:\WINDOWS\System32\svchost.exe -k HPZ12
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k HPZ12
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\syswow64\svchost.exe -k hpdevmgmt -s hpqcxs08
c:\windows\system32\svchost.exe -k hpservice -s HPSLPSVC
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
szndesktop.exe default start
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Users\still\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe"
"C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe"
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SEMgrSvc
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15914.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x70


C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\servicing\TrustedInstaller.exe
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 744 752 8192 748
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k defragsvc
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\still\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForstill.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForstill (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-05-30 207024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06 440680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06 416104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-04-23 9217024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\still\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-05-02 1624224]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2018-01-05 3139872]
"cz.seznam.software.autoupdate"=C:\Users\still\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\still\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-12-15 5263552]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [2017-12-14 575944]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2018-03-22 709152]
"HPRadioMgr"=C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [2017-10-31 324592]
"RtlS5Wake"=C:\PROGRA~2\Realtek\PCIEWI~1\RTLS5W~1\RtlS5Wake.exe [2017-06-26 1660760]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-06-14 12:53:54 ----D---- C:\Program Files\trend micro
2018-06-14 12:53:53 ----D---- C:\rsit
2018-06-14 11:49:25 ----D---- C:\AdwCleaner
2018-06-14 08:57:14 ----HD---- C:\$WINDOWS.~BT
2018-06-13 23:53:48 ----D---- C:\ProgramData\ESET
2018-06-13 23:53:35 ----D---- C:\Program Files\ESET
2018-06-13 23:46:51 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2018-06-13 23:05:30 ----HD---- C:\$SysReset
2018-06-13 16:04:29 ----D---- C:\WINDOWS\Panther
2018-06-12 23:34:19 ----ASH---- C:\swapfile.sys
2018-06-12 23:34:19 ----ASH---- C:\pagefile.sys
2018-06-12 23:34:17 ----ASH---- C:\hiberfil.sys
2018-06-12 22:00:41 ----D---- C:\Program Files (x86)\AMD
2018-06-12 22:00:38 ----D---- C:\Program Files\ATI Technologies
2018-05-19 20:22:27 ----D---- C:\Program Files (x86)\Steam
2018-05-19 20:03:19 ----D---- C:\Program Files (x86)\Rebellion
2018-05-18 20:10:07 ----A---- C:\WINDOWS\system32\Notifier.exe

======List of files/folders modified in the last 1 month======

2018-06-14 12:53:54 ----RD---- C:\Program Files
2018-06-14 12:53:17 ----D---- C:\WINDOWS\Temp
2018-06-14 12:53:13 ----D---- C:\WINDOWS\Prefetch
2018-06-14 12:53:08 ----RD---- C:\WINDOWS\Microsoft.NET
2018-06-14 12:30:04 ----D---- C:\WINDOWS\DeliveryOptimization
2018-06-14 12:26:37 ----D---- C:\WINDOWS\system32\Tasks
2018-06-14 12:23:16 ----D---- C:\WINDOWS\system32\sru
2018-06-14 11:33:42 ----D---- C:\WINDOWS\system32\SleepStudy
2018-06-14 08:32:06 ----HD---- C:\Program Files\WindowsApps
2018-06-14 08:20:43 ----D---- C:\WINDOWS\AppReadiness
2018-06-14 00:12:40 ----D---- C:\WINDOWS\system32\WDI
2018-06-14 00:08:48 ----AD---- C:\ProgramData\Avg
2018-06-14 00:08:46 ----D---- C:\Program Files (x86)\AVG
2018-06-14 00:08:42 ----D---- C:\WINDOWS\system32\drivers
2018-06-14 00:06:57 ----D---- C:\WINDOWS\system32\catroot2
2018-06-14 00:05:18 ----D---- C:\WINDOWS\system32\DriverStore
2018-06-14 00:05:18 ----D---- C:\WINDOWS\INF
2018-06-13 23:56:19 ----SHD---- C:\WINDOWS\Installer
2018-06-13 23:56:14 ----D---- C:\WINDOWS\system32\Microsoft
2018-06-13 23:55:41 ----HD---- C:\WINDOWS\ELAMBKUP
2018-06-13 23:55:36 ----HD---- C:\Config.Msi
2018-06-13 23:53:48 ----HD---- C:\ProgramData
2018-06-13 23:49:47 ----D---- C:\WINDOWS\System32
2018-06-13 23:48:55 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-06-13 23:46:51 ----D---- C:\WINDOWS\SysWOW64
2018-06-13 22:40:52 ----D---- C:\Users\still\AppData\Roaming\Seznam.cz
2018-06-13 22:37:38 ----D---- C:\WINDOWS
2018-06-13 22:26:49 ----D---- C:\WINDOWS\Registration
2018-06-13 22:26:33 ----D---- C:\Users\still\AppData\Roaming\TS3Client
2018-06-13 22:26:27 ----D---- C:\WINDOWS\system32\config
2018-06-13 18:04:11 ----D---- C:\WINDOWS\CbsTemp
2018-06-13 18:00:03 ----D---- C:\WINDOWS\system32\LogFiles
2018-06-13 15:28:56 ----D---- C:\Users\still\AppData\Roaming\DAEMON Tools Lite
2018-06-13 15:25:33 ----D---- C:\WINDOWS\debug
2018-06-13 15:25:32 ----D---- C:\WINDOWS\LiveKernelReports
2018-06-13 14:27:41 ----D---- C:\WINDOWS\system32\MRT
2018-06-13 14:26:17 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 14:15:35 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-06-13 09:26:21 ----SHD---- C:\System Volume Information
2018-06-13 08:39:07 ----D---- C:\ProgramData\AMD
2018-06-12 23:56:10 ----SD---- C:\Users\still\AppData\Roaming\Microsoft
2018-06-12 23:55:10 ----RSD---- C:\WINDOWS\Fonts
2018-06-12 23:55:10 ----D---- C:\WINDOWS\system32\WinBioDatabase
2018-06-12 23:55:09 ----D---- C:\WINDOWS\twain_32
2018-06-12 23:55:09 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2018-06-12 23:55:09 ----D---- C:\WINDOWS\SYSWOW64\drivers
2018-06-12 23:55:09 ----D---- C:\WINDOWS\system32\drivers\etc
2018-06-12 23:55:08 ----D---- C:\WINDOWS\system32\spool
2018-06-12 23:55:06 ----D---- C:\WINDOWS\system32\oobe
2018-06-12 23:54:53 ----D---- C:\WINDOWS\system32\NDF
2018-06-12 23:54:48 ----SD---- C:\ProgramData\Microsoft
2018-06-12 23:54:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-06-12 23:54:47 ----RD---- C:\Program Files (x86)
2018-06-12 23:54:47 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-06-12 23:54:47 ----AD---- C:\Program Files (x86)\HP
2018-06-12 23:54:46 ----D---- C:\Program Files\Common Files\microsoft shared
2018-06-12 23:54:46 ----D---- C:\Program Files\Common Files
2018-06-12 23:54:46 ----D---- C:\Program Files (x86)\Common Files
2018-06-12 23:54:46 ----AD---- C:\Program Files\AMD
2018-06-12 23:54:45 ----HD---- C:\WINDOWS\system32\GroupPolicy
2018-06-12 23:54:45 ----D---- C:\WINDOWS\Tasks
2018-06-12 23:54:44 ----D---- C:\WINDOWS\system32\Recovery
2018-06-12 22:12:54 ----HD---- C:\ProgramData\Common Files
2018-06-12 22:12:41 ----D---- C:\ProgramData\Realtek
2018-06-12 22:01:12 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2018-06-12 21:32:26 ----RSD---- C:\WINDOWS\assembly
2018-06-12 20:39:27 ----D---- C:\AMD
2018-06-12 20:35:30 ----SHD---- C:\Recovery
2018-06-10 13:45:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-09 13:14:15 ----D---- C:\WINDOWS\system32\CatRoot
2018-06-09 13:04:50 ----D---- C:\SWSetup
2018-06-08 12:55:12 ----D---- C:\WINDOWS\WinSxS
2018-06-07 10:40:26 ----D---- C:\WINDOWS\Logs
2018-06-06 01:24:43 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-05-30 18:03:41 ----AD---- C:\Program Files (x86)\Microsoft Office
2018-05-18 19:44:08 ----D---- C:\WINDOWS\HP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdpsp;@oem0.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [2017-06-12 243048]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-03-30 59808]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2018-06-14 267304]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2018-06-14 200360]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-03-30 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2018-06-14 184184]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R3 AmdAS4;@oem31.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\WINDOWS\System32\drivers\AmdAS4.sys [2018-03-08 27016]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319526.inf_amd64_958fe50acfef5f2a\atikmdag.sys [2018-03-08 36565896]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319526.inf_amd64_958fe50acfef5f2a\atikmpag.sys [2018-03-08 520072]
R3 AtiHDAudioService;@oem21.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2017-04-18 101376]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
R3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-15 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 dtlitescsibus;@oem7.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-24 30264]
R3 dtliteusbbus;@oem2.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-24 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-04-23 5721088]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 rt640x64;@oem35.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-04-23 1009128]
R3 RtkBtFilter;@oem12.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2017-07-20 723920]
R3 RTWlanE;@oem37.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2017-11-08 7895400]
R3 SmbDrv;SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [2017-08-24 45144]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2018-06-14 15872]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 amdkmcsp;@oem0.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [2017-06-12 101232]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-03-13 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 dot4;@oem5.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem10.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem5.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 H2OFFT;@oem34.inf,%WDF.SVCDESC%;WDF Insyde IO Device Driver; C:\WINDOWS\System32\drivers\H2OFFT64.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-05-08 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-03-30 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 RT8723DE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtl8723de.sys [2017-04-28 6763672]
S3 RTSUER;@oem9.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-04-27 420832]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2017-08-24 46680]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2017-10-26 155016]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2018-03-08 544136]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2017-04-14 134624]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_56d67;Uživatelská služba platformy připojených zařízení_56d67; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-05-24 8652976]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2018-06-14 2794224]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2016-10-07 1309184]
R2 HPJumpStartBridge;HP JumpStart Bridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [2017-05-23 471040]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2018-05-02 332656]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2017-07-13 628768]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2017-09-14 509904]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 OneSyncSvc_56d67;Hostitel synchronizace_56d67; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-04-23 324608]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-12-15 3173568]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_56d67;Data kontaktů_56d67; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-13 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-13 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-09-29 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-13 143144]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_56d67;Tok zařízení_56d67; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-05-03 86016]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-01-18 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-13 153168]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_56d67;Služba zasílání zpráv_56d67; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-05-24 212144]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_56d67;PrintWorkflow_56d67; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-03-30 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly notebuk-cekani na mezipamet

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

P.Stiller
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 20 srp 2009 15:46

Re: Pomaly notebuk-cekani na mezipamet

#3 Příspěvek od P.Stiller »

-------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-06-12.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-14-2018
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted ccjleegmemocfpghkhpjmiccjcacackp

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly notebuk-cekani na mezipamet

#4 Příspěvek od Rudy »

Toto je OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

P.Stiller
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 20 srp 2009 15:46

Re: Pomaly notebuk-cekani na mezipamet

#5 Příspěvek od P.Stiller »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by still (administrator) on LAPTOP-09SHGVMV (14-06-2018 14:32:35)
Running from C:\Users\still\Desktop
Loaded Profiles: still (Available Profiles: still)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(McAfee LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
() C:\Users\still\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Users\still\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\bcastdvr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2018-04-23] (Realtek Semiconductor)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324592 2017-10-31] (HP)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek)
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\still\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\still\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263552 2017-12-15] (Disc Soft Ltd)
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [575944 2017-12-14] (ZONER software)
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\...\MountPoints2: {62d78f20-e7fd-11e7-994c-d46a6a441d70} - "F:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-03-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{23afc123-6360-4643-82bf-c6c43f59c11e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{38f74e50-a208-4950-aecc-2b0c78619210}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKLM -> {1117583D-586A-4358-B354-18823CF4CF5D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {1117583D-586A-4358-B354-18823CF4CF5D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {0F681667-B1B2-4DBA-9B9C-2FC32A71C57B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {1117583D-586A-4358-B354-18823CF4CF5D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {65824C22-FAD0-40CB-9277-7351D27F46DB} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {752DCB83-4624-4E09-803C-AF23CF773500} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {938E35DC-D4B0-497E-8FD1-5433C285E5D7} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {95F6E9C5-8CB4-4A5D-9EA9-8D94D6844934} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {AE3BE755-180D-4EA3-AA3B-5095B772F23F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {DA5F1534-743F-4F75-A046-AD7FCB3C649E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {E07021DC-5700-465F-8236-2FD6B1EAAA75} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1405063369-2110102350-2000997245-1001 -> {E34429FA-6C10-463D-8D3C-BC436C49CD6B} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-05-30] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-30] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/html/newTab.html"
CHR Profile: C:\Users\still\AppData\Local\Google\Chrome\User Data\Default [2018-06-14]
CHR Extension: (Prezentace) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-13]
CHR Extension: (Dokumenty) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Disk Google) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-13]
CHR Extension: (Seznam doplněk - Email) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-05-04]
CHR Extension: (YouTube) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-13]
CHR Extension: (Adobe Acrobat) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-12]
CHR Extension: (Tabulky) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-04]
CHR Extension: (Gmail) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-13]
CHR Extension: (Chrome Media Router) - C:\Users\still\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-14]
CHR HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-10-26] ()
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [134624 2017-04-14] (Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8652976 2018-05-24] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-13] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3173568 2017-12-15] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2794224 2018-06-14] (ESET)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [509904 2017-09-14] (McAfee LLC)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2018-04-23] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-08-24] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27016 2018-03-08] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319526.inf_amd64_958fe50acfef5f2a\atikmdag.sys [36565896 2018-03-08] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319526.inf_amd64_958fe50acfef5f2a\atikmpag.sys [520072 2018-03-08] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2017-04-18] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-24] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [267304 2018-06-14] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-06-14] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [200360 2018-06-14] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [184184 2018-06-14] (ESET)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1009128 2018-04-23] (Realtek )
S3 RT8723DE; C:\WINDOWS\System32\drivers\rtl8723de.sys [6763672 2017-04-28] (Realtek Semiconductor Corporation )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-04-27] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7895400 2017-11-08] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [45144 2017-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [46680 2017-08-24] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30392 2017-10-31] (HP)
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-14 14:32 - 2018-06-14 14:33 - 000020980 _____ C:\Users\still\Desktop\FRST.txt
2018-06-14 14:32 - 2018-06-14 14:32 - 000000000 ____D C:\FRST
2018-06-14 14:31 - 2018-06-14 14:31 - 002413056 _____ (Farbar) C:\Users\still\Desktop\FRST64.exe
2018-06-14 12:53 - 2018-06-14 12:54 - 000000000 ____D C:\rsit
2018-06-14 12:53 - 2018-06-14 12:54 - 000000000 ____D C:\Program Files\trend micro
2018-06-14 12:37 - 2018-06-14 12:37 - 001222144 _____ C:\Users\still\Desktop\RSITx64.exe
2018-06-14 12:00 - 2018-06-14 12:00 - 000000000 ____D C:\Users\still\AppData\Local\ESET
2018-06-14 08:57 - 2018-06-14 08:58 - 000000000 ___HD C:\$WINDOWS.~BT
2018-06-13 23:53 - 2018-06-13 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-06-13 23:53 - 2018-06-13 23:53 - 000000000 ____D C:\ProgramData\ESET
2018-06-13 23:53 - 2018-06-13 23:53 - 000000000 ____D C:\Program Files\ESET
2018-06-13 23:14 - 2018-06-13 23:42 - 000000000 ____D C:\Users\still\Downloads\eset
2018-06-13 23:05 - 2018-06-13 23:05 - 000000000 ___HD C:\$SysReset
2018-06-13 16:04 - 2018-06-14 13:43 - 000000000 ____D C:\WINDOWS\Panther
2018-06-13 15:12 - 2018-06-13 15:13 - 015838840 _____ (Piriform Ltd) C:\Users\still\Downloads\ccsetup543.exe
2018-06-12 22:00 - 2018-06-12 22:00 - 000000000 ____D C:\Program Files\ATI Technologies
2018-06-12 22:00 - 2018-06-12 22:00 - 000000000 ____D C:\Program Files (x86)\AMD
2018-06-11 18:33 - 2018-06-13 13:47 - 000000000 ____D C:\Users\still\Downloads\zoufalky
2018-05-28 16:38 - 2018-05-28 16:38 - 000133767 _____ C:\Users\still\Downloads\Bělá nad Radbuzou cca rok 1900
2018-05-26 12:34 - 2018-05-26 12:34 - 000169332 _____ C:\Users\still\Downloads\3768573.pdf
2018-05-26 12:33 - 2018-05-26 12:33 - 000609460 _____ C:\Users\still\Downloads\5021208 (1).pdf
2018-05-26 12:33 - 2018-05-26 12:33 - 000609460 _____ C:\Users\still\Downloads\4984722.pdf
2018-05-26 12:33 - 2018-05-26 12:33 - 000609460 _____ C:\Users\still\Downloads\4932080.pdf
2018-05-26 12:33 - 2018-05-26 12:33 - 000609460 _____ C:\Users\still\Downloads\4932080 (1).pdf
2018-05-26 12:33 - 2018-05-26 12:33 - 000182412 _____ C:\Users\still\Downloads\4925942.pdf
2018-05-26 12:32 - 2018-05-26 12:32 - 000609460 _____ C:\Users\still\Downloads\5021208.pdf
2018-05-26 12:32 - 2018-05-26 12:32 - 000260886 _____ C:\Users\still\Downloads\32478739.pdf
2018-05-23 09:06 - 2018-05-23 09:06 - 000198883 _____ C:\Users\still\Downloads\6009804388 Pojistná smlouva.pdf
2018-05-23 09:04 - 2018-05-23 09:04 - 000840949 _____ C:\Users\still\Downloads\prilohy_49054.zip
2018-05-22 11:29 - 2018-05-22 11:29 - 000408501 _____ C:\Users\still\Downloads\36558902.pdf
2018-05-22 11:27 - 2018-05-22 11:27 - 000258222 _____ C:\Users\still\Downloads\36559836.pdf
2018-05-19 20:22 - 2018-05-19 20:22 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-19 20:19 - 2018-05-19 20:19 - 000000000 ____D C:\Users\still\AppData\Local\SniperV2
2018-05-19 20:18 - 2018-05-19 20:18 - 000000000 ____D C:\Users\still\AppData\Local\SKIDROW
2018-05-19 20:13 - 2018-06-12 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite V2
2018-05-19 20:13 - 2018-05-19 20:13 - 000001389 _____ C:\Users\Public\Desktop\Sniper Elite V2.lnk
2018-05-19 20:03 - 2018-05-19 20:03 - 000000000 ____D C:\Program Files (x86)\Rebellion
2018-05-18 20:10 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-18 19:10 - 2018-05-19 00:13 - 529989632 _____ C:\Users\still\Downloads\Sniper Elite V2.iso

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-14 13:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-06-14 13:30 - 2018-01-18 15:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-14 13:29 - 2017-10-05 03:31 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2018-06-14 13:29 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-06-14 13:19 - 2018-01-18 14:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-14 12:13 - 2018-02-07 11:06 - 000007606 _____ C:\Users\still\AppData\Local\Resmon.ResmonCfg
2018-06-14 09:30 - 2018-01-18 15:27 - 000004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E5ECF6B8-4C53-4A00-A4FF-E1D290DB037B}
2018-06-14 08:59 - 2017-12-13 14:50 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-14 08:59 - 2017-12-13 14:50 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-14 08:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-14 08:32 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-14 00:08 - 2017-12-13 19:15 - 000000000 ____D C:\Users\still\AppData\Local\Avg
2018-06-14 00:08 - 2017-12-13 19:15 - 000000000 ____D C:\ProgramData\Avg
2018-06-14 00:05 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-06-14 00:04 - 2015-09-23 09:30 - 000267304 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-06-14 00:04 - 2015-09-23 09:30 - 000200360 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-06-14 00:04 - 2015-09-23 09:30 - 000184184 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2018-06-14 00:04 - 2015-09-23 09:30 - 000015872 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2018-06-14 00:00 - 2018-03-07 12:39 - 000000000 ____D C:\Users\still\AppData\Local\CrashDumps
2018-06-13 23:55 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-06-13 23:48 - 2017-12-16 16:55 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-06-13 22:40 - 2017-12-14 14:55 - 000000000 ____D C:\Users\still\AppData\Roaming\Seznam.cz
2018-06-13 22:32 - 2018-01-18 14:47 - 000000000 ____D C:\Users\still
2018-06-13 22:26 - 2017-12-13 20:44 - 000000000 ____D C:\Users\still\AppData\Roaming\TS3Client
2018-06-13 22:26 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
2018-06-13 22:24 - 2018-01-18 15:26 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2018-06-13 22:24 - 2018-01-18 15:26 - 000028578 _____ C:\WINDOWS\diagerr.xml
2018-06-13 18:32 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-13 15:28 - 2017-12-24 15:08 - 000000000 ____D C:\Users\still\AppData\Roaming\DAEMON Tools Lite
2018-06-13 15:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-13 14:35 - 2017-12-14 00:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-13 14:26 - 2017-12-14 00:50 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 14:15 - 2017-12-14 00:49 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-13 08:39 - 2018-01-12 18:10 - 000000000 ____D C:\ProgramData\AMD
2018-06-12 23:56 - 2018-04-02 12:05 - 000000000 ____D C:\Users\still\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2018-06-12 23:56 - 2017-12-13 14:10 - 000000000 ____D C:\Users\still\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-06-12 23:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-06-12 23:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-06-12 23:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-06-12 23:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-12 23:54 - 2018-03-04 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-06-12 23:54 - 2018-01-02 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firmware Update grStudio
2018-06-12 23:54 - 2017-12-24 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-06-12 23:54 - 2017-12-23 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhoenixRC
2018-06-12 23:54 - 2017-12-14 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-06-12 23:54 - 2017-12-13 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-06-12 23:54 - 2017-10-05 03:29 - 000000000 ____D C:\Program Files\AMD
2018-06-12 23:54 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-12 23:54 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-12 23:54 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-06-12 23:54 - 2017-05-18 03:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2018-06-12 23:54 - 2017-05-18 03:38 - 000000000 ____D C:\Program Files (x86)\HP
2018-06-12 23:54 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-06-12 23:34 - 2018-02-22 13:27 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForstill.job
2018-06-12 22:20 - 2018-01-18 15:23 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-06-12 22:12 - 2017-10-05 03:35 - 000000000 ____D C:\ProgramData\Realtek
2018-06-12 22:01 - 2017-04-01 07:38 - 001791056 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-06-12 21:59 - 2017-10-05 03:29 - 001702619 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2018-06-12 21:32 - 2018-03-08 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2018-06-12 20:39 - 2018-01-18 14:40 - 000000000 ____D C:\AMD
2018-06-11 20:33 - 2018-02-22 13:27 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForstill
2018-06-10 13:45 - 2018-01-18 14:46 - 002517340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-10 13:45 - 2017-09-30 16:31 - 001099504 _____ C:\WINDOWS\system32\perfh005.dat
2018-06-10 13:45 - 2017-09-30 16:31 - 000267990 _____ C:\WINDOWS\system32\perfc005.dat
2018-06-09 13:16 - 2017-05-18 03:44 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-06-09 13:16 - 2017-05-18 03:44 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-06-09 13:04 - 2017-05-18 12:23 - 000000000 ____D C:\SWSetup
2018-06-07 10:42 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-06-06 01:24 - 2018-05-09 04:09 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:24 - 2018-05-09 04:09 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-30 18:03 - 2017-05-18 03:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-05-19 19:47 - 2018-01-18 15:27 - 000004008 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-19 19:47 - 2018-01-18 15:27 - 000003776 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-18 19:48 - 2018-01-18 14:23 - 000466960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-18 19:44 - 2017-10-05 03:48 - 000000000 ____D C:\WINDOWS\HP
2018-05-18 19:42 - 2017-12-14 16:09 - 000000000 ____D C:\Users\still\Downloads\GRAUPNER
2018-05-17 14:02 - 2018-01-18 15:27 - 000003472 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-17 14:02 - 2018-01-18 15:27 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 19:59 - 2018-03-12 17:59 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-05-16 19:58 - 2018-03-12 17:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2018-02-07 11:06 - 2018-06-14 12:13 - 000007606 _____ () C:\Users\still\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-14 12:52

==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly notebuk-cekani na mezipamet

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\...\MountPoints2: {62d78f20-e7fd-11e7-994c-d46a6a441d70} - "F:\setup.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

P.Stiller
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 20 srp 2009 15:46

Re: Pomaly notebuk-cekani na mezipamet

#7 Příspěvek od P.Stiller »

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by still (14-06-2018 16:17:21) Run:1
Running from C:\Users\still\Desktop
Loaded Profiles: still (Available Profiles: still)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\...\MountPoints2: {62d78f20-e7fd-11e7-994c-d46a6a441d70} - "F:\setup.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-1405063369-2110102350-2000997245-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62d78f20-e7fd-11e7-994c-d46a6a441d70}" => removed successfully
HKLM\Software\Classes\CLSID\{62d78f20-e7fd-11e7-994c-d46a6a441d70} => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 114190489 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 217749 B
Edge => 9728 B
Chrome => 154681902 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1016329 B
systemprofile32 => 0 B
LocalService => 7452 B
NetworkService => 1708 B
still => 10268719 B

RecycleBin => 0 B
EmptyTemp: => 276.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:21:55 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly notebuk-cekani na mezipamet

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

P.Stiller
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 20 srp 2009 15:46

Re: Pomaly notebuk-cekani na mezipamet

#9 Příspěvek od P.Stiller »

Rekl bych ze to bezi jak ma Dekuji Stiller

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly notebuk-cekani na mezipamet

#10 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno