Restartlo pc a potom zacal mrznut windows

Zpráva

branno · #1 Příspěvek od **branno** » 28 srp 2019 13:53

Ahojte, prosim moze mi niekto pomoct? Zrazu mi zamrzol pc, modra obrazovka po restarte pytalo aktivaciu windowsu, pritom aktivovany bol, celkovo pocitac zacal mrznut, zmizla mi fotka z pracovnej plochy, prehliadac ani vypnut som prvykrat nemohol (horna lista nereagovala), celkovo windows zapinalo po restarte strasne dlho, pravdepodobne ide o nejaky virus, alebo systemovu chybu.

Pridavam log z rsit..
Pouzivam WIN 7 64bit, mam ho uz par rokov nainstalovany, doteraz ani raz som nemal problem.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Brano at 2019-08-28 14:52:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 128 GB (13%) free of 954 GB
Total RAM: 8144 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:53:03, on 28. 8. 2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Brano.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: STATISTICA Browser Helper - {990A8747-93BF-4EF7-B72E-94A6884B98C2} - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Web Accessibility Toolbar - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\PROGRA~2\ACCESS~1\ACCESS~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: Monitor Cartridge Alerts - HP DJ 2600 series.lnk = ?
O4 - Startup: Odoslanie do aplikácie OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Startup: Odoslanie do programu OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sparx Systems Keystore Service (Sparx Keystore) - Unknown owner - C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe

--
End of file - 13004 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x30c
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
atieclxx
taskeng.exe {58996817-5995-404E-80D5-F8BB34249109}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe"
WLIDSvcM.exe 1092
"taskhost.exe"
taskeng.exe {16B5CA23-F12F-4E88-8948-01096D1E5710}
"C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe"
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5fe69063-1d5a-4efc-978c-9e9bb271cce9 -SystemEventPortName:HostProcess-b7eb82d9-cfc9-44ee-90e9-97682f70f246 -IoCancelEventPortName:HostProcess-2fcde3c8-bcc1-46bc-91e1-cff98eb2f9d0 -NonStateChangingEventPortName:HostProcess-b817959a-d5bd-4e5a-ad76-1b0fe21d3183 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d96b7266-24f7-4049-80c6-5267947cc109 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url http://go.microsoft.com/fwlink/?LinkId= ... e=C004F009
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3756.0.1700387087\920761418" -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 3756 "\\.\pipe\gecko-crash-server-pipe.3756" 1140 gpu
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3756.14.1424859129\2111932668" -childID 3 -isForBrowser -prefsHandle 2992 -prefMapHandle 2996 -prefsLen 205 -prefMapSize 223289 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 3756 "\\.\pipe\gecko-crash-server-pipe.3756" 3024 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3756.27.656748568\237133525" -childID 4 -isForBrowser -prefsHandle 3400 -prefMapHandle 3404 -prefsLen 6058 -prefMapSize 223289 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 3756 "\\.\pipe\gecko-crash-server-pipe.3756" 3416 tab
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP DeskJet 2600 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN81S4B63V06PS;CONNECTION=USB;MONITOR=1;
"C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE" /tsr
taskeng.exe {3E164A38-2DE7-48F8-A020-122C134A7C10}
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files\ESET\ESET Smart Security\eguiproxy.exe" /hide
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe" "C:\Program Files (x86)\Internet Download Manager\IDMMsgHostMoz.json" mozilla_cc3@internetdownloadmanager.com
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3756.62.522929712\2109729296" -childID 9 -isForBrowser -prefsHandle 4736 -prefMapHandle 4732 -prefsLen 6837 -prefMapSize 223289 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 3756 "\\.\pipe\gecko-crash-server-pipe.3756" 4748 tab
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3756.76.1031102709\1563403495" -childID 11 -isForBrowser -prefsHandle 4416 -prefMapHandle 4528 -prefsLen 6837 -prefMapSize 223289 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 3756 "\\.\pipe\gecko-crash-server-pipe.3756" 4072 tab
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe" /frequentupdate SCHEDULEDTASK displaylevel=False
"C:\Windows\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3756.83.917580915\664256768" -childID 12 -isForBrowser -prefsHandle 4280 -prefMapHandle 3580 -prefsLen 6886 -prefMapSize 223289 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 3756 "\\.\pipe\gecko-crash-server-pipe.3756" 5024 tab
taskeng.exe {108C8F72-B8F0-4EC2-A840-1C7955548386}
"C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe" /UA 19
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3756.90.403481713\1993559318" -childID 13 -isForBrowser -prefsHandle 4316 -prefMapHandle 9068 -prefsLen 6886 -prefMapSize 223289 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 3756 "\\.\pipe\gecko-crash-server-pipe.3756" 4712 tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Brano\Downloads\Programs\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

=========Mozilla firefox=========

ProfilePath - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871

prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.238 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.238 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-05 542264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26 221664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files\StatSoft\STATISTICA 12\StaBHO.dll [2014-04-19 286800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-08-02 971384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-05 461880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll [2014-04-18 238160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-08-02 685176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{11352A67-0178-46B1-8855-D50B2F81C054} - Web Accessibility Toolbar - C:\PROGRA~2\ACCESS~1\ACCESS~1.DLL [2007-06-19 427520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [2019-07-26 180448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CD Bremse"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-05-19 9773272]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2019-05-06 4064368]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-08-22 3210528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-02-15 2694320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28 500936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2017-05-19 9773272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /systray /nologon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-08-30 676608]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2017-04-11 225944]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-06-27 653648]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2017-03-23 2133216]

C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Monitor Cartridge Alerts - HP DJ 2600 series.lnk - C:\Windows\system32\RunDll32.exe
Odoslanie do aplikácie OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
Odoslanie do programu OneNote.lnk - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.bdmpeg"=bdmpega64.acm
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll

======File associations======

.js - edit -
.js - open - "C:\Program Files\JetBrains\PhpStorm 2018.2.4\bin\phpstorm64.exe" "%1"

======List of files/folders created in the last 1 month======

2019-08-28 14:52:51 ----D---- C:\rsit
2019-08-14 20:30:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2019-08-14 17:24:35 ----D---- C:\Program Files (x86)\Steam

======List of files/folders modified in the last 1 month======

2019-08-28 15:41:29 ----D---- C:\Windows\system32\LogFiles
2019-08-28 14:53:04 ----D---- C:\Windows\Temp
2019-08-28 14:52:58 ----D---- C:\Program Files\trend micro
2019-08-28 14:48:52 ----D---- C:\Windows\system32\Tasks
2019-08-28 14:47:10 ----D---- C:\Windows\Prefetch
2019-08-28 14:44:41 ----D---- C:\Windows\System32
2019-08-28 14:44:18 ----SHD---- C:\System Volume Information
2019-08-28 14:39:46 ----D---- C:\Windows
2019-08-28 11:06:44 ----D---- C:\Users\Brano\AppData\Roaming\DMCache
2019-08-26 16:17:30 ----D---- C:\Windows\system32\config
2019-08-17 20:36:28 ----D---- C:\Windows\Microsoft.NET
2019-08-17 20:02:48 ----SHD---- C:\Windows\Installer
2019-08-17 20:02:42 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-08-17 20:00:49 ----D---- C:\Program Files (x86)\Microsoft Office
2019-08-15 08:17:01 ----RD---- C:\Program Files (x86)
2019-08-15 08:17:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-14 22:08:29 ----D---- C:\Counter-Strike 1.6
2019-08-14 17:20:40 ----D---- C:\Program Files (x86)\Winamp
2019-08-14 17:14:30 ----RD---- C:\Program Files
2019-08-13 19:47:15 ----D---- C:\Windows\SysWOW64
2019-08-13 19:47:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-08-13 19:47:09 ----D---- C:\Windows\system32\Macromed
2019-08-13 19:47:04 ----D---- C:\Windows\SYSWOW64\Macromed
2019-08-09 21:50:59 ----D---- C:\Windows\inf
2019-08-09 21:50:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-08-09 21:43:51 ----D---- C:\Fraps
2019-08-04 13:48:00 ----D---- C:\Users\Brano\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-12-19 381440]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2019-07-26 149144]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2019-07-26 189232]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2019-07-26 113336]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2018-12-20 229296]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-30 11833856]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-30 608768]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2012-08-20 138568]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2012-08-20 416072]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
S0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 aj4jdztv;aj4jdztv; C:\Windows\system32\drivers\aj4jdztv.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2018-01-12 120416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 158320]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2018-01-12 213088]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2017-08-30 27136]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2018-04-29 50136]
S4 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2018-04-29 82816]
S4 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2018-04-29 61520]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [2015-02-15 710320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-30 241152]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 361984]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-08-08 11469920]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2019-07-26 2428848]
R2 Sparx Keystore;Sparx Systems Keystore Service; C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [2014-05-19 446464]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [2017-06-21 492768]
R2 WsDrvInst;Wondershare Driver Install Service; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [2017-06-22 118048]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-08-13 335416]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\elevation_service.exe [2019-08-06 1096176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-08-14 217632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 226304]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2017-03-04 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2019-08-22 1700128]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 28 srp 2019 14:40

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

branno · #3 Příspěvek od **branno** » 28 srp 2019 15:30

Zdravim, v priecinku AdCleaner som nasiel dva txt subory, jeden oznaceny C1 a druhy S1

C1

# AdwCleaner 7.0.6.0 - Logfile created on Tue Jan 16 22:48:58 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
Deleted: C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\searchplugins\google-lavasoft.xml
Deleted: C:\Users\All Users\Desktop\Free YouTube Downloader.lnk
Deleted: C:\Users\Brano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
Deleted: C:\Users\Public\Desktop\Free YouTube Downloader.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Deleted: [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted: [Key] - HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Deleted: [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [13452 B] - [2015/9/13 16:19:24]
C:/AdwCleaner/AdwCleaner[S1].txt - [4209 B] - [2015/9/13 16:17:44]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

S1

# AdwCleaner 7.0.6.0 - Logfile created on Tue Jan 16 22:48:39 2018
# Updated on 2017/21/12 by Malwarebytes
# Database: 01-16-2018.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WebCompanion, C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
PUP.Optional.WebCompanion, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

PUP.Optional.Legacy, C:\Windows\System32\lavasofttcpservice.dll
PUP.Optional.Legacy, C:\Windows\SysWOW64\lavasofttcpservice.dll
PUP.Optional.Legacy, C:\Windows\System32\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy, C:\Windows\SysNative\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy, C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
PUP.Optional.Legacy, C:\Windows\SysNative\LavasoftTcpService64.dll
PUP.Optional.Legacy, C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\searchplugins\google-lavasoft.xml
PUP.Optional.BestYouTubeDownloader, C:\Users\All Users\Desktop\Free YouTube Downloader.lnk
PUP.Optional.BestYouTubeDownloader, C:\Users\Brano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
PUP.Optional.BestYouTubeDownloader, C:\Users\Public\Desktop\Free YouTube Downloader.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.OutBrowse, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
PUP.Optional.OutBrowse, [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
PUP.Optional.CrossRider, [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.WebCompanion, [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WebCompanion, [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.MultiPlug, [Key] - HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
PUP.Optional.MultiPlug, [Key] - HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [13452 B] - [2015/9/13 16:19:24]
C:/AdwCleaner/AdwCleaner[S1].txt - [12390 B] - [2015/9/13 16:17:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

Po ukonceni skenovania bola este moznost ulozit si vysledky, tak som dal a z toho je takyto log

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 28. 8. 2019
Čas skenovania: 16:01
Súbor denníka: 4f4da684-c99c-11e9-b917-c83a35db386a.json

-Údaje o softvéri-
Verzia: 3.8.3.2965
Verzia súčastí: 1.0.613
Aktualizovať verziu balíka: 1.0.12217
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x64
Systém súborov: NTFS
Používateľ: Brano-PC\Brano

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 332835
Zistené hrozby: 8
Hrozby umiestnené do karantény: 0
Uplynulý čas: 25 min, 23 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 1
PUP.Optional.YahooVNM, HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, Bez zásahu používateľa, [6631], [245144],1.0.12217

Hodnota databázy Registry: 2
PUP.Optional.YahooVNM, HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, Bez zásahu používateľa, [6631], [245144],1.0.12217
PUP.Optional.YahooVNM, HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|TOPRESULTURL, Bez zásahu používateľa, [6631], [245144],1.0.12217

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 5
Trojan.Agent.Trace, C:\WINDOWS\INF\NTVDM.INF, Bez zásahu používateľa, [3516], [248250],1.0.12217
Trojan.Downloader.E, C:\USERS\BRANO\APPDATA\ROAMING\SYSTEM32\PS.PS1, Bez zásahu používateľa, [3750], [634333],1.0.12217
PUP.Optional.OpenCandy, C:\USERS\BRANO\APPDATA\ROAMING\UTORRENT\UPDATES\3.4.3_40097.EXE, Bez zásahu používateľa, [1163], [157963],1.0.12217
HackTool.FilePatch, C:\USERS\BRANO\APPDATA\LOCAL\TEMP\RARSFX0\SETUP.EXE, Bez zásahu používateľa, [7635], [281135],1.0.12217
CrackTool.OnHax, C:\USERS\BRANO\DESKTOP\IDM + ACTIVATOR.RAR, Bez zásahu používateľa, [12706], [101952],1.0.12217

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)

(end)

Na zaver by som este dodal, ze ohladom toho, ze mi vybehuje hlaska ze musim si aktitovat windows (ktory som uz pred rokmi aktitoval) som nasiel nieco na oficialnej podpore windowsu, ze treba stopnut v services.msc sluzbu SoftwareProtection, tak som zvedavy ci aspon tento problem sa zatial vyriesi.

Co som si zatial este vsimol, tak tapetu na pracovnej ploche mi stale po par minutach zmaze bezdovodne.

#4 Příspěvek od **Rudy** » 28 srp 2019 15:54

Nalezené položky smažte a pak dejte nový log RSIT.

branno · #5 Příspěvek od **branno** » 28 srp 2019 15:58

Mam tam iba moznost vybrane dat do karanteny, nemam tam moznost zmazat, tak potom ako to vymazat?

#6 Příspěvek od **Rudy** » 28 srp 2019 16:56

OK, tak dejte do karantény, tam budou ty položky zcela neškodné.

branno · #7 Příspěvek od **branno** » 28 srp 2019 18:22

Potom v karantene sa to dalo natrvalo vymazat, cize vymazane.

Prikladám log, ale problem sa stale nevyriesil. Ked zapnem windows, tak mi stale nabehne hlaska, ze windows je nelegalny, pritom som si ho aktivoval pred asi 6 rokmi a bezproblemov ho pouzival doteraz, teraz chce product key vlozit novy, ziskat ho mam udajne tak, ze si zavolam na nejake cislo, ktore je ,,bezplatne".... Naposledy update na windowse som spravil v roku 2018, cize nechapem preco to nabieha, kedze v systeme nenastala ziadna zmena.
Celkovo aj mam pocit ze mrzne, resp. pomalsi ide windows, podstatne dlhsie spusta, vsetko to dnes nahle zacalo.
(ako som pisal na zaciatku, aj na oficialnej podpore Microsoftu sa to riesilo, spravil som podla ich navodu, ze som vypol sluzbu SoftwareProtection, ale nepomohlo to - tak ci nejde len o nejaky virus, dnes som par krat klikol na vyskakovaciu reklamu)

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 28. 8. 2019
Čas skenovania: 18:51
Súbor denníka: 2512b2a2-c9b4-11e9-abea-c83a35db386a.json

-Údaje o softvéri-
Verzia: 3.8.3.2965
Verzia súčastí: 1.0.613
Aktualizovať verziu balíka: 1.0.12221
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x64
Systém súborov: NTFS
Používateľ: Brano-PC\Brano

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 332828
Zistené hrozby: 0
Hrozby umiestnené do karantény: 0
Uplynulý čas: 26 min, 19 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 0
(Nezistili sa nijaké škodlivé položky)

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)

(end)

#8 Příspěvek od **Rudy** » 28 srp 2019 18:53

OK. Ten falšovaný soft: Pravděpodobně jste si nainstalovala nějakou aktualizaci, která to odhalila. Pokud je to tak (pokud nemáte orig. Windows), nemohu pokračovat, neboť nelegální Windows zde neřešíme (viz https://forum.viry.cz/viewtopic.php?f=12&t=115512 ). Máte-li sw pravý, budete muset řešit problém s tech. podporou MS.

branno · #9 Příspěvek od **branno** » 28 srp 2019 19:22

Vygooglil som si to cislo, vyzeralo byt prave, tak som tam zavolal a dobre urobil. Dali mi nove aktivacne cislo a windows je opat aktivovany a funkcny. Jediny mensi problem ostal, ze dlhsie spusta programy a celkovo trva dlhsie kym mozem pracovat vo windowse, toto by sa nejako nedalo prosim vas vyriesit? Respektive aspon vykonat nejaku este kontrolu pre istotu.
Kazdopadne dakujem zatial za vase pohotove odpovede a rady.

#10 Příspěvek od **Rudy** » 28 srp 2019 20:00

Jistě, budeme pokračovat. Dejte nový log RSIT.

branno · #11 Příspěvek od **branno** » 28 srp 2019 20:34

Nech sa paci,

Logfile of random's system information tool 1.10 (written by random/random)
Run by Brano at 2019-08-28 21:36:26
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 240 GB (25%) free of 954 GB
Total RAM: 8144 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:28, on 28. 8. 2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Brano.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: STATISTICA Browser Helper - {990A8747-93BF-4EF7-B72E-94A6884B98C2} - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Web Accessibility Toolbar - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\PROGRA~2\ACCESS~1\ACCESS~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: Monitor Cartridge Alerts - HP DJ 2600 series.lnk = ?
O4 - Startup: Odoslanie do aplikácie OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Startup: Odoslanie do programu OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sparx Systems Keystore Service (Sparx Keystore) - Unknown owner - C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe

--
End of file - 13164 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe"
"taskhost.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP DeskJet 2600 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN81S4B63V06PS;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Brano\AppData\Local\Steam\htmlcache" "-steampid=2220" "-buildid=1566431379" "-steamid=0" "-steamuniverse=Dev" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --num-raster-threads=4 --enable-direct-write --disablehighdpi --force-device-scale-factor=1 --device-scale-factor=1 "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Brano\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1566431379 --initial-client-data=0x164,0x168,0x16c,0x160,0x170,0x7fee0bff760,0x7fee0bff770,0x7fee0bff780
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=840,12233339310393517388,13088913426098883218,131072 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=sk-SK --force-device-scale-factor=1 --disablehighdpi --buildid=1566431379 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=5381838459167935113 --mojo-platform-channel-handle=860 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe"
WLIDSvcM.exe 2640
"C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-294d78fa-4e75-462d-9751-a39cd2c358dd -SystemEventPortName:HostProcess-6cf722a2-eba6-43ed-99c1-9b11329ba3e4 -IoCancelEventPortName:HostProcess-fc560f54-ebbf-44c4-87a8-bb886f51b4e6 -NonStateChangingEventPortName:HostProcess-4c38d75b-fa84-46f1-8da9-9fe630f7db31 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ad80c949-47fe-4cfd-9612-be19b0ff840e -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=840,12233339310393517388,13088913426098883218,131072 --service-pipe-token=6735117269734898961 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=sk --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --force-device-scale-factor=1 --disablehighdpi --buildid=1566431379 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=6735117269734898961 --renderer-client-id=4 --mojo-platform-channel-handle=1376 /prefetch:1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ESET\ESET Smart Security\eguiproxy.exe" /hide
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --force-device-scale-factor=1 --field-trial-handle=840,12233339310393517388,13088913426098883218,131072 --service-pipe-token=13889972267503863047 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=sk --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --force-device-scale-factor=1 --disablehighdpi --buildid=1566431379 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=13889972267503863047 --renderer-client-id=5 --mojo-platform-channel-handle=1836 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2644.0.2086193765\13386630" -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 2644 "\\.\pipe\gecko-crash-server-pipe.2644" 1412 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2644.3.518478183\570000040" -childID 1 -isForBrowser -prefsHandle 1616 -prefMapHandle 1612 -prefsLen 1 -prefMapSize 223230 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 2644 "\\.\pipe\gecko-crash-server-pipe.2644" 2052 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2644.20.443145850\1363918680" -childID 3 -isForBrowser -prefsHandle 3420 -prefMapHandle 3416 -prefsLen 6004 -prefMapSize 223230 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 2644 "\\.\pipe\gecko-crash-server-pipe.2644" 3468 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2644.265.823014030\1397781718" -childID 38 -isForBrowser -prefsHandle 8944 -prefMapHandle 8520 -prefsLen 8304 -prefMapSize 223230 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 2644 "\\.\pipe\gecko-crash-server-pipe.2644" 1804 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2644.419.1802560854\1490602300" -childID 60 -isForBrowser -prefsHandle 8648 -prefMapHandle 8392 -prefsLen 8477 -prefMapSize 223230 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 2644 "\\.\pipe\gecko-crash-server-pipe.2644" 8900 tab
C:\Windows\system32\wbem\wmiprvse.exe
taskhost.exe C:\Windows\system32\defrag.exe -c
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2644.426.2101777087\26450961" -childID 61 -isForBrowser -prefsHandle 2808 -prefMapHandle 4820 -prefsLen 8828 -prefMapSize 223230 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 2644 "\\.\pipe\gecko-crash-server-pipe.2644" 3780 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2644.433.740380937\161461326" -childID 62 -isForBrowser -prefsHandle 4760 -prefMapHandle 8680 -prefsLen 8828 -prefMapSize 223230 -parentBuildID 20190813150448 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 2644 "\\.\pipe\gecko-crash-server-pipe.2644" 4244 tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\AUDIODG.EXE 0x9c4
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Brano\Downloads\Programs\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

=========Mozilla firefox=========

ProfilePath - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871

prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.238 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.238 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-05 542264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26 221664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files\StatSoft\STATISTICA 12\StaBHO.dll [2014-04-19 286800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-08-02 971384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-05 461880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll [2014-04-18 238160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-08-02 685176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{11352A67-0178-46B1-8855-D50B2F81C054} - Web Accessibility Toolbar - C:\PROGRA~2\ACCESS~1\ACCESS~1.DLL [2007-06-19 427520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [2019-07-26 180448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CD Bremse"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-05-19 9773272]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2019-05-06 4064368]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-08-22 3210528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-02-15 2694320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28 500936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2017-05-19 9773272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /systray /nologon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-08-30 676608]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2017-04-11 225944]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-06-27 653648]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2017-03-23 2133216]

C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Monitor Cartridge Alerts - HP DJ 2600 series.lnk - C:\Windows\system32\RunDll32.exe
Odoslanie do aplikácie OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
Odoslanie do programu OneNote.lnk - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.bdmpeg"=bdmpega64.acm
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll

======File associations======

.js - edit -
.js - open - "C:\Program Files\JetBrains\PhpStorm 2018.2.4\bin\phpstorm64.exe" "%1"

======List of files/folders created in the last 1 month======

2019-08-28 20:19:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2019-08-28 20:19:28 ----A---- C:\Windows\system32\drivers\farflt.sys
2019-08-28 20:19:19 ----A---- C:\Windows\system32\drivers\mwac.sys
2019-08-28 20:17:39 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2019-08-28 18:44:05 ----D---- C:\ProgramData\Microsoft Toolkit
2019-08-28 17:57:05 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2019-08-28 15:59:28 ----A---- C:\Windows\system32\drivers\mbae64.sys
2019-08-28 15:59:21 ----D---- C:\Program Files\Malwarebytes
2019-08-28 14:52:51 ----D---- C:\rsit
2019-08-14 20:30:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2019-08-14 17:24:35 ----D---- C:\Program Files (x86)\Steam

======List of files/folders modified in the last 1 month======

2019-08-28 21:36:27 ----D---- C:\Windows\Temp
2019-08-28 21:36:27 ----D---- C:\Program Files\trend micro
2019-08-28 21:36:03 ----D---- C:\Windows\Prefetch
2019-08-28 20:41:47 ----D---- C:\Windows\system32\config
2019-08-28 20:21:02 ----D---- C:\Windows\system32\Tasks
2019-08-28 20:19:59 ----D---- C:\Windows\system32\drivers
2019-08-28 20:17:42 ----D---- C:\Windows\System32
2019-08-28 20:15:00 ----D---- C:\Users\Brano\AppData\Roaming\DMCache
2019-08-28 18:44:05 ----HD---- C:\ProgramData
2019-08-28 17:53:13 ----D---- C:\Windows\SysWOW64
2019-08-28 17:53:03 ----D---- C:\Windows\inf
2019-08-28 17:53:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-08-28 17:13:08 ----D---- C:\AdwCleaner
2019-08-28 15:59:32 ----D---- C:\Windows
2019-08-28 15:59:21 ----RD---- C:\Program Files
2019-08-28 15:59:21 ----D---- C:\ProgramData\Malwarebytes
2019-08-28 15:41:29 ----D---- C:\Windows\system32\LogFiles
2019-08-28 14:44:18 ----SHD---- C:\System Volume Information
2019-08-17 20:36:28 ----D---- C:\Windows\Microsoft.NET
2019-08-17 20:02:48 ----SHD---- C:\Windows\Installer
2019-08-17 20:02:42 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-08-17 20:00:49 ----D---- C:\Program Files (x86)\Microsoft Office
2019-08-15 08:17:01 ----RD---- C:\Program Files (x86)
2019-08-15 08:17:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-14 22:08:29 ----D---- C:\Counter-Strike 1.6
2019-08-14 17:20:40 ----D---- C:\Program Files (x86)\Winamp
2019-08-13 19:47:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-08-13 19:47:09 ----D---- C:\Windows\system32\Macromed
2019-08-13 19:47:04 ----D---- C:\Windows\SYSWOW64\Macromed
2019-08-09 21:43:51 ----D---- C:\Fraps
2019-08-04 13:48:00 ----D---- C:\Users\Brano\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-12-19 381440]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2019-07-26 149144]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2019-07-26 189232]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2019-07-26 113336]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2019-01-08 153328]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2018-12-20 229296]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2019-08-28 199768]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-30 11833856]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-30 608768]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2012-08-20 138568]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2012-08-20 416072]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2019-08-28 224408]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\DRIVERS\mbam.sys [2019-08-28 73584]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2019-08-28 275232]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2019-08-28 106344]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
S0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 alvmrvnx;alvmrvnx; C:\Windows\system32\drivers\alvmrvnx.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2018-01-12 120416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 158320]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2018-01-12 213088]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2017-08-30 27136]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2018-04-29 50136]
S4 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2018-04-29 82816]
S4 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2018-04-29 61520]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [2015-02-15 710320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-30 241152]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 361984]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-08-08 11469920]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2019-07-26 2428848]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-06-26 6744288]
R2 Sparx Keystore;Sparx Systems Keystore Service; C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [2014-05-19 446464]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [2017-06-21 492768]
R2 WsDrvInst;Wondershare Driver Install Service; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [2017-06-22 118048]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2019-08-22 1700128]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-08-13 335416]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\elevation_service.exe [2019-08-06 1096176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-08-14 217632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 226304]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2017-03-04 5132888]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#12 Příspěvek od **Rudy** » 28 srp 2019 21:06

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]/64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CD Bremse"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= -
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

branno · #13 Příspěvek od **branno** » 29 srp 2019 12:11

Nech sa páči ->

All processes killed
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CD Bremse deleted successfully.
HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\"HP Software Update"|C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056] /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\""| - /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Brano
->Temp folder emptied: 13168499278 bytes
->Temporary Internet Files folder emptied: 13961742 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1103399701 bytes
->Google Chrome cache emptied: 452617510 bytes
->Flash cache emptied: 2345 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Oco
->Temp folder emptied: 2593265 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 130955302 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2189830493 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 101666 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 11977559450 bytes

Total Files Cleaned = 27 695,00 mb

[EMPTYFLASH]

User: All Users

User: Brano
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Oco
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

OTM by OldTimer - Version 3.1.21.0 log created on 08292019_130047

Files moved on Reboot...
C:\Users\Brano\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Brano\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\BRANO-PC-20190829-1218.log moved successfully.
C:\Windows\temp\mat-debug-1684.log moved successfully.
File C:\Windows\temp\officeclicktorun.exe_streamserver(20190829121824694).log not found!
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#14 Příspěvek od **Rudy** » 29 srp 2019 14:09

OK. Nastala nějaká změna?

branno · #15 Příspěvek od **branno** » 30 srp 2019 09:58

Stale to nejako dlhsie spusta, cize velmi nie. V msconfig som si aj vypol zbytocne programy pri starte.

VIRY.CZ

Restartlo pc a potom zacal mrznut windows

Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows

Re: Restartlo pc a potom zacal mrznut windows