Frozen laptop

Romiska
Exemplary visitor
Posts: 92
Registered: 14 Oct 2005 16:09

Frozen laptop

#1 Post by Romiska »

Hello, could I ask for a check and, if needed, help with a laptop that is terribly slow?

Here is the log, thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2019-01-04 19:33:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 450 GB (65%) free of 692 GB
Total RAM: 3980 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:34:01, on 4.1.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19203)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\HP\AppData\Local\{FF517FD1-687C-40E5-A891-47A905947B1A}\OffersWizard.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\HP\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\Inf\MSASGui.exe
C:\windows\inf\msqtqt\msqtqt.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13879;https=127.0.0.1:13879
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [mncmhkrsnSrv] C:\windows\system32\mncmhkrsn.vbe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\HP\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\HP\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OffersWizard update] C:\Users\HP\AppData\Local\{FF517FD1-687C-40E5-A891-47A905947B1A}\OffersWizard.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Infigo Operator (InfigoOperator) - Unknown owner - C:\Program Files (x86)\Infigo\InfigoOperator.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\windows\SysWOW64\nethtsrv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\windows\SysWOW64\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\HP\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 16553 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
C:\windows\system32\WLANExt.exe 4531840
\??\C:\windows\system32\conhost.exe "13974822151101377822-1382156182544939995-1166518815567167165301281059207587277
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {F1B498CF-97C0-44A4-91CD-60E7214983BD}
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\System32\svchost.exe -k utcsvc
"c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Infigo\InfigoOperator.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\Explorer.EXE
taskeng.exe {D403371E-4B5B-450E-8AAC-77B90D0A910F}
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\HP\AppData\Local\{FF517FD1-687C-40E5-A891-47A905947B1A}\OffersWizard.exe"
"C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
szndesktop.exe default start
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Users\HP\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe "-169946771714843742071531049191686139801-818911966-555594409-1006029164-1296092008
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
C:\windows\SysWOW64\nethtsrv.exe
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\SysWOW64\PnkBstrB.exe
C:\windows\SysWOW64\netupdsrv.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\Users\HP\AppData\Local\Torch\Update\TorchCrashHandler.exe
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:3716
-Minimized
C:\windows\system32\wbem\wmiprvse.exe
C:\Windows\Inf\MSASGui.exe -o http://mint.bitminter.com:8332 -u daryl001_wrk004 -p hujavez111
C:\windows\inf\msqtqt\msqtqt.exe -o stratum+tcp://mint.bitminter.com:3333 -u kansasan_kansasboy -p desertpete
\??\C:\windows\system32\conhost.exe "16099972801696506266205562930726657568-8766597692128673307-1008374710-1366226162
\??\C:\windows\system32\conhost.exe "1319773836324058021-721169997-20960981231407469318-7216316586295601561296514596
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-508eed71-6c3d-4a82-91d4-28db7bb8e5f9 -SystemEventPortName:HostProcess-d9a978f3-d8c0-48bd-b05f-735889995676 -IoCancelEventPortName:HostProcess-2011582c-71db-4733-9687-2e4f48779996 -NonStateChangingEventPortName:HostProcess-d0570721-26a2-4e33-b2ba-7671188b2201 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:69342b49-ce2b-4d98-8a04-73faeb79da58 -DeviceGroupId:
"C:\windows\system32\makecab.exe" C:\windows\Logs\CBS\CbsPersist_20150831194508.log C:\windows\Logs\CBS\CbsPersist_20150831194508.cab
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
\??\C:\windows\system32\conhost.exe "669745783560976872266376943-194019711813054724231432973970-502516324-1069543864
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\MyPC Backup\BackupStack.exe"
C:\windows\system32\CompatTelRunner.exe
\??\C:\windows\system32\conhost.exe "201476069313160042282008553443-1598254484-985030594-1907026959-1780912188698333340
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MEPAIKJ4BkiNt+xH.1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Users\HP\AppData\Local\Google\Chrome\User Data\SwReporter\36.184.200\software_reporter_tool.exe" --session-id=sa5lBKpE5/63wJwSlp4Rj/VbSi7yR8yLZixchYzt --registry-suffix=URZA --srt-field-trial-group-name=NewCleanerUIExperiment
C:\windows\system32\sppsvc.exe
wmiadap.exe /F /T /R
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"c:\users\hp\appdata\local\google\chrome\user data\swreporter\36.184.200\software_reporter_tool.exe" --crash-handler "--database=c:\users\hp\appdata\local\Google\Software Reporter Tool" --url=https://clients2.google.com/cr/report --annotation=plat=Win32 --annotation=prod=ChromeFoil --annotation=ver=36.184.200 --initial-client-data=0x100,0x108,0x10c,0x104,0x110,0x13fb7bde0,0x13fb7bdf0,0x13fb7be00
"c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 52CCDC6B-5915-96D5-2ABD-DE0FC1E2BA53 -Reinvoke
"C:\Users\HP\Downloads\RSITx64.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\MyPC Backup\Updater.exe" service

======Scheduled tasks folder======

C:\windows\tasks\HPCeeScheduleForHP.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://home.tb.ask.com/index.jhtml?ptb= ... wgodzyMAfw"
prefs.js - "keyword.URL" - "http://int.search.tb.ask.com/search/GGm ... searchfor="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\TorchVLC]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\HP\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default\extensions\
plugin@getwebcake.com
sko-extension@firma.seznam.cz
_4zMembers_@www.videodownloadconverter.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default\searchplugins\
ask-web-search.xml
Ask.xml
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22 122456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-08-08 1527496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-08-08 1527496]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-01-19 1016992]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2012-01-19 800416]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-03-26 170264]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-03-26 398616]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-03-26 439064]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2012-03-14 15232]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-03-05 1425408]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe []
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-08-26 2833504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
"cz.seznam.software.autoupdate"=C:\Users\HP\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\HP\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"OffersWizard update"=C:\Users\HP\AppData\Local\{FF517FD1-687C-40E5-A891-47A905947B1A}\OffersWizard.exe [2015-08-06 982016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-30 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-03-15 184704]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-22 12310616]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-08-08 1644744]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]
"NtVdmSrv"=C:\windows\inf\ntvdm.vbe [2013-06-20 1219]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"mncmhkrsnSrv"=C:\windows\system32\mncmhkrsn.vbe []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2018-02-01 1194048]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe

C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-03-26 434688]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2019-01-04 19:33:39 ----D---- C:\rsit
2019-01-04 19:33:39 ----D---- C:\Program Files\trend micro
2018-12-17 22:07:49 ----D---- C:\ProgramData\McAfee Security Scan
2018-11-19 16:45:35 ----D---- C:\040520996158015f9aa6c2fc4e

======List of files/folders modified in the last 3 months======

2019-01-04 19:33:57 ----D---- C:\windows\System32
2019-01-04 19:33:57 ----D---- C:\windows\inf
2019-01-04 19:33:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2019-01-04 19:33:39 ----RD---- C:\Program Files
2019-01-04 19:33:24 ----D---- C:\windows\Temp
2019-01-04 19:30:52 ----D---- C:\Users\HP\AppData\Roaming\Seznam.cz
2019-01-04 19:29:49 ----D---- C:\Users\HP\AppData\Roaming\Skype
2019-01-04 19:28:15 ----D---- C:\windows\system32\config
2019-01-04 19:28:14 ----D---- C:\ProgramData\PDFC
2019-01-04 19:27:26 ----D---- C:\ProgramData\TorchCrashHandler
2019-01-04 19:22:58 ----A---- C:\windows\SYSWOW64\log.txt
2019-01-04 19:22:45 ----D---- C:\Users\HP\AppData\Roaming\SoftGrid Client
2019-01-04 19:22:43 ----D---- C:\windows\Prefetch
2019-01-04 19:19:37 ----D---- C:\Program Files (x86)\VideoLAN
2019-01-04 19:13:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2019-01-04 19:13:23 ----D---- C:\Windows
2019-01-04 19:13:21 ----SHD---- C:\windows\Installer
2019-01-04 19:12:43 ----SHD---- C:\System Volume Information
2019-01-04 19:05:59 ----D---- C:\windows\Microsoft.NET
2019-01-04 19:00:16 ----D---- C:\windows\winsxs
2019-01-04 17:38:33 ----RSD---- C:\windows\assembly
2019-01-04 17:36:14 ----D---- C:\Program Files\Internet Explorer
2019-01-04 17:36:11 ----D---- C:\Program Files\Windows Media Player
2019-01-04 17:36:09 ----D---- C:\Program Files (x86)\Internet Explorer
2019-01-04 17:36:08 ----D---- C:\windows\SYSWOW64\cs-CZ
2019-01-04 17:36:08 ----D---- C:\Program Files (x86)\Windows Media Player
2019-01-04 17:36:05 ----D---- C:\windows\SYSWOW64\en-US
2019-01-04 17:36:04 ----D---- C:\windows\SysWOW64
2019-01-04 17:35:45 ----D---- C:\windows\system32\drivers
2019-01-04 17:35:43 ----D---- C:\windows\system32\cs-CZ
2019-01-04 17:35:37 ----D---- C:\windows\system32\en-US
2019-01-04 17:35:12 ----D---- C:\windows\AppPatch
2019-01-04 17:35:06 ----D---- C:\windows\system32\Boot
2019-01-04 17:35:02 ----D---- C:\windows\system32\DriverStore
2019-01-04 17:33:51 ----D---- C:\windows\system32\catroot2
2019-01-04 17:26:40 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2019-01-04 17:24:42 ----D---- C:\windows\system32\Macromed
2019-01-04 17:24:37 ----D---- C:\windows\system32\Tasks
2019-01-04 17:24:18 ----D---- C:\windows\SYSWOW64\Macromed
2019-01-04 17:22:34 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2018-12-17 22:08:05 ----D---- C:\Program Files\McAfee Security Scan
2018-12-17 22:07:50 ----HD---- C:\ProgramData
2018-12-10 23:04:09 ----N---- C:\windows\system32\MpSigStub.exe
2018-11-25 08:31:20 ----D---- C:\windows\SYSWOW64\migration
2018-11-25 08:30:06 ----D---- C:\windows\system32\migration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\windows\system32\DRIVERS\amdkmpfd.sys [2012-03-20 32896]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-03-16 30488]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2013-03-27 91432]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2013-03-27 158760]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-16 283200]
R1 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-03-16 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-03-29 10859008]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-03-29 328704]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-01-19 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2013-10-21 4022272]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-01-19 339616]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-01-19 110752]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-01-19 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-01-19 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-01-19 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-01-19 280992]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-01-19 550560]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2012-04-17 80384]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2012-03-26 14748416]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2015-04-22 176880]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2015-05-10 708200]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-03-26 2891512]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-03-05 536064]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2017-08-26 572504]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 ezkdisei;ezkdisei; \??\C:\windows\system32\drivers\ezkdisei.sys []
S1 ioujrgaz;ioujrgaz; \??\C:\windows\system32\drivers\ioujrgaz.sys []
S1 nethfdrv;nethfdrv; \??\C:\windows\system32\drivers\nethfdrv.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2012-01-31 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-03-26 14748416]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2012-03-29 235520]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-01-19 106144]
R2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-11-13 53320]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-04-28 493904]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPFSService;File Sanitizer for HP ProtectTools; c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-03-16 33560]
R2 InfigoOperator;Infigo Operator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [2015-01-28 19720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2013-03-27 1327104]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-28 12784]
R2 NetHttpService;Network HTTP Support Service; C:\windows\SysWOW64\nethtsrv.exe [2015-07-31 350208]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2018-02-01 1795136]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2012-12-21 75064]
R2 PnkBstrB;PnkBstrB; C:\windows\syswow64\PnkBstrB.exe [2012-12-24 214520]
R2 ServiceUpdater;Network Support Service Updater; C:\windows\SysWOW64\netupdsrv.exe [2015-07-31 191488]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
R2 TorchCrashHandler;Torch Crash Handler; C:\Users\HP\AppData\Local\Torch\Update\TorchCrashHandler.exe [2014-10-29 1217032]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-02 2365792]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2012-03-20 2694224]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-15 1420160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-26 276248]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-01-31 477056]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2018-11-13 116224]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [2018-12-11 405392]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-11-20 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Frozen notebook

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Romiska
Exemplary visitor
Posts: 92
Registered: 14 Oct 2005 16:09

Re: Frozen notebook

#3 Post by Romiska »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-04-2019
# Duration: 00:00:18
# OS: Windows 7 Home Premium
# Scanned: 32243
# Detected: 141


***** [ Services ] *****

PUP.Optional.Legacy torchcrashhandler
PUP.Optional.Legacy ServiceUpdater
PUP.Optional.Legacy NetHttpService
PUP.Optional.Legacy BackupStack

***** [ Folders ] *****

Adware.Yontoo C:\ProgramData\Tarma Installer
PUP.Adware.Heuristic C:\Users\HP\AppData\Local\30409
PUP.MyWebSearch.Heuristic C:\Program Files (x86)\GAMINGWONDERLAND CHROME EXTENSION
PUP.Optional.Ask C:\ProgramData\Ask
PUP.Optional.Betcat C:\Users\HP\AppData\Roaming\Betcat
PUP.Optional.Legacy C:\Users\HP\AppData\Local\Temp\APNLogs
PUP.Optional.Legacy C:\ProgramData\torchcrashhandler
PUP.Optional.Legacy C:\Users\HP\AppData\Local\torch
PUP.Optional.Legacy C:\Users\HP\AppData\Local\imeshkoyotesoftmoviestoolbar
PUP.Optional.Legacy C:\Users\HP\AppData\LocalLow\imeshkoyotesoftmoviestoolbar
PUP.Optional.MyPCBackup C:\Program Files (x86)\MyPC Backup
PUP.Optional.MyPCBackup C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
PUP.Optional.OpenCandy C:\Users\HP\AppData\Roaming\OpenCandy
PUP.Optional.SoftwareUpdater.A C:\Users\HP\AppData\Local\SwvUpdater
PUP.Optional.Yontoo C:\Users\HP\AppData\Roaming\Web Cake

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default\searchplugins\bingp.xml
PUP.Optional.Legacy C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default\searchplugins\Ask.xml
PUP.Optional.Legacy C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default\searchplugins\ask-web-search.xml
PUP.Optional.Legacy C:\Windows\SysWOW64\installd.exe
PUP.Optional.Legacy C:\Windows\SysWOW64\hfpapi.dll
PUP.Optional.Legacy C:\Program Files (x86)\Common Files\config\uninstinethnfd.exe
PUP.Optional.Legacy C:\Windows\SysWOW64\hfnapi.dll
PUP.Optional.MyPCBackup C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
PUP.Optional.NetworkUpdate C:\Windows\SysWOW64\netupdsrv.exe
PUP.Optional.NetworkUpdate C:\Windows\SysWOW64\nethtsrv.exe
PUP.Optional.Reimage C:\Users\HP\Downloads\ReimageRepair.exe
PUP.Optional.Torch C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
PUP.Optional.Torch C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.MyPCBackup C:\Windows\System32\Tasks\LaunchSignup

***** [ Registry ] *****

PUP.MyWebSearch.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GamingWonderland Chrome Extension Uninstall
PUP.Optional.ASK.Gen HKCU\Software\APNDTX
PUP.Optional.Amonetize HKLM\Software\Classes\Updater.AmiUpd
PUP.Optional.Amonetize.A HKLM\Software\Wow6432Node\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
PUP.Optional.Amonetize.A HKLM\Software\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
PUP.Optional.Amonetize.A HKLM\Software\Wow6432Node\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
PUP.Optional.Amonetize.A HKLM\Software\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
PUP.Optional.BetterSurf HKLM\Software\Wow6432Node\Better-Surf
PUP.Optional.BetterSurf HKLM\Software\Wow6432Node\BetterSurf
PUP.Optional.DataMngr.AppFlsh HKCU\Software\DataMngr
PUP.Optional.DataMngr.AppFlsh HKLM\Software\Wow6432Node\DataMngr
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|OffersWizard update
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Better Surf Plus
PUP.Optional.Legacy HKCU\Software\imeshkoyotesoftmoviestoolbar
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
PUP.Optional.Legacy HKCU\Software\torch
PUP.Optional.Legacy HKLM\Software\Wow6432Node\torch
PUP.Optional.Legacy HKLM\Software\Tarma Installer
PUP.Optional.Legacy HKLM\Software\Wow6432Node\MediaViewV1
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Video Player
PUP.Optional.Legacy HKLM\Software\Wow6432Node\WebexpEnhancedV1
PUP.Optional.Legacy HKLM\Software\Wow6432Node\VideoPlayerV3
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaaigjndjblmpeckabiffcpogflfgl
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaafeopjhkcolncjbedbhofpocmdbn
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Clients\StartMenuInternet\Torch
PUP.Optional.Legacy HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
PUP.Optional.Legacy HKLM\Software\Wow6432Node\MozillaPlugins\TorchVLC
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\Applications\Torch.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1824FF90-C98E-48A6-838F-E3B6572B0C77}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D222DDD1-4EEC-4FC1-B06D-A4B9F8D48EE2}
PUP.Optional.Legacy HKLM\Software\Classes\dream.capture
PUP.Optional.Legacy HKLM\System\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService
PUP.Optional.MyPCBackup HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA90B5C5-DD4B-4BE2-AA63-EF6A8B51F193}
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA90B5C5-DD4B-4BE2-AA63-EF6A8B51F193}
PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
PUP.Optional.OffersWizard HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
PUP.Optional.Revizer.PrxySvrRST HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4279202749-943463868-844345460-1001\Software\OffersWizard
PUP.Optional.Revizer.PrxySvrRST HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\OffersWizard
PUP.Optional.Revizer.PrxySvrRST HKCU\Software\OffersWizard
PUP.Optional.SearchProtect HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
PUP.Optional.SearchProtect HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
PUP.Optional.Torch HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5F14E84B-23D2-482D-9D6A-76C72C9D34F3}
PUP.Optional.Webexp HKLM\Software\Wow6432Node\Webexp Enhanced
PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Bandoo.AppFlsh Movies App
PUP.Optional.Ilivid iLivid
PUP.Optional.Legacy MSN Homepage & Bing Search Engine
PUP.Optional.Legacy bopakagnckmlgajfccecajhnimjiiedh

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Rudy
Site Admin
Posts: 118192
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Frozen notebook

#4 Post by Rudy »

OK. Now post the FRST+Addition logs: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

Romiska
Exemplary visitor
Posts: 92
Registered: 14 Oct 2005 16:09

Re: Frozen notebook

#5 Post by Romiska »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2019
Ran by HP (administrator) on HP-HP (04-01-2019 22:23:14)
Running from C:\Users\HP\Downloads
Loaded Profiles: HP (Available Profiles: HP)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Windows\inf\MSASGui.exe
() C:\Windows\inf\msqtqt\msqtqt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\HP\Downloads\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [Printsrv] => c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184704 2012-03-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-22] (Hewlett-Packard)
HKLM-x32\...\Run: [NtVdmSrv] => C:\windows\inf\ntvdm.vbe [1219 2013-06-20] ()
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-05] ()
HKLM-x32\...\Run: [mncmhkrsnSrv] => C:\windows\SysWOW64\mncmhkrsn.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2018-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-04] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2012-01-31] (Hewlett-Packard Company)
HKU\S-1-5-21-4279202749-943463868-844345460-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-4279202749-943463868-844345460-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd)
HKU\S-1-5-21-4279202749-943463868-844345460-1001\...\MountPoints2: {5d0d3937-d3c7-11e2-b65a-74e543670da0} - H:\Startme.exe
HKLM\...\Drivers32-x32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-19] (Fox Magic Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-04] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{438363A8-F486-4C37-834C-4955773CB3D3}] -> msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files (x86)\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-01-19] (Atheros Commnucations)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-01-19] (Atheros Commnucations)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2012-04-28] (DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{D75A25CD-0CCA-4C3C-A5E6-94039CC03B72}] -> C:\windows\system32\DPLic.dll [2012-04-28] (DigitalPersona, Inc.)
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2012-12-21]
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13876;https=127.0.0.1:13876
ProxyServer: [S-1-5-21-4279202749-943463868-844345460-1001] => http=127.0.0.1:13879;https=127.0.0.1:13879
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FC532D7F-C48A-415D-B2E1-A5B2CF13DF40}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-4279202749-943463868-844345460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-4279202749-943463868-844345460-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
URLSearchHook: HKU\S-1-5-21-4279202749-943463868-844345460-1001 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=410&v=a15946-461&apn_uid=2923130445814533&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=410&v=a15946-461&apn_uid=2923130445814533&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {748A25E1-B3D8-4FD1-AC2A-5CB79758C36A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=e394155a-4020-4829-9a9f-b01a3a8eaee4&apn_sauid=F2DBC5FE-61C8-4744-8F45-BDE043BB3B71
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=410&v=a15946-461&apn_uid=2923130445814533&apn_dtid=BND410&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {F9962541-76F7-4C97-A668-CD68AB3483BC} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Hewlett-Packard)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Commnucations)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default [2019-01-04]
FF user.js: detected! => C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default\user.js [2019-01-04]
FF Homepage: Mozilla\Firefox\Profiles\67v6eavr.default -> hxxp://home.tb.ask.com/index.jhtml?ptb=D5E7D774-4F21-4866-B617-8C2E83E867A9&n=780d0b06&p2=^HJ^xdm007^YYA^cz&si=CKfxiezvtMICFUr4wgodzyMAfw
FF Extension: (Firefox Hotfix) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-01-01] [Legacy]
FF Extension: (VideoDownloadConverter) - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\67v6eavr.default\Extensions\_4zMembers_@www.videodownloadconverter.com [2016-03-18] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha966.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha966\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta394.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta394\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha159.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha159\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha416.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha416\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha420.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha420\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha6793.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6793\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home396.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home396\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode743.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode743\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release841.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release841\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha763.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha763\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2015-04-22] [Legacy] [not signed]
FF HKU\S-1-5-21-4279202749-943463868-844345460-1001\...\Firefox\Extensions: [{85A9DD51-C7AB-8CCB-1BF6-9AF83F578FE1}] - C:\Program Files (x86)\ver2OffersWizard\190.xpi => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-04] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2019-01-04]
CHR Extension: (Disk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (Seznam doplněk - Email) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-11-26]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Bing) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-01-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-01-04]
CHR Extension: (Skype) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-20]
CHR Extension: (New window with tabs open) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcnjneakpboeehbdelhbbngnkdbhmikg [2017-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-08]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-04]
CHR HKU\S-1-5-21-4279202749-943463868-844345460-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaaigjndjblmpeckabiffcpogflfgl] - C:\Users\HP\AppData\Local\imeshkoyotesoftmoviestoolbar\GC\toolbar.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [aplpilpcjieglgfgfamoanlojbjiacap] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode743\ch\MediaBuzzV1mode743.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bcodfnhfdjbjdlgefnocjnddlkfpkihk] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha966\ch\WebexpEnhancedV1alpha966.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cebmkknjfbodglifaocebakbbkpbafpn] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha763\ch\TrustMediaViewerV1alpha763.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eajkbpchnjjpgpgpmmpadhknfkfcodnh] - C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\GamingWonderland@mindspark.com <not found>
CHR HKLM-x32\...\Chrome\Extension: [elkegfahbfnglehibahalhalelepljck] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6793\ch\MediaViewV1alpha6793.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [emcpffkjccpmkkjpgcjhogejhoaoljid] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha420\ch\MediaViewV1alpha420.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fjgohbnbmilnlenamemkbdefcpagpopk] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta394\ch\VideoPlayerV3beta394.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [klhffgpnkibhialdcgnjcnciogbhhjco] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha416\ch\MediaViewerV1alpha416.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mehppllcjblajlpeeiipfcelehcmpild] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home396\ch\MediaWatchV1home396.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-04] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-04] (AVAST Software)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-04-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-01-31] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [19720 2015-01-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-28] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1795136 2018-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75064 2012-12-21] ()
R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [214520 2012-12-24] ()
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37304 2019-01-04] (AVAST Software)
S3 aswArPot; C:\windows\System32\drivers\aswArPot.sys [203488 2019-01-04] (AVAST Software)
S3 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-04] (AVAST Software)
S3 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [196264 2019-01-04] (AVAST Software)
S3 aswblog; C:\windows\System32\drivers\aswblog.sys [320888 2019-01-04] (AVAST Software)
S3 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [58160 2019-01-04] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [239808 2019-01-04] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46584 2019-01-04] (AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42488 2019-01-04] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [166472 2019-01-04] (AVAST Software)
S3 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111992 2019-01-04] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88144 2019-01-04] (AVAST Software)
S3 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1034056 2019-01-04] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [474648 2019-01-04] (AVAST Software)
S3 aswStm; C:\windows\System32\drivers\aswStm.sys [218056 2019-01-04] (AVAST Software)
S3 aswVmm; C:\windows\System32\drivers\aswVmm.sys [380144 2019-01-04] (AVAST Software)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-16] (DT Soft Ltd)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
R1 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R3 SPUVCbv; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2891512 2012-03-26] (Sunplus Technology)
U3 aswbdisk; no ImagePath
S1 ezkdisei; \??\C:\windows\system32\drivers\ezkdisei.sys [X]
S1 ioujrgaz; \??\C:\windows\system32\drivers\ioujrgaz.sys [X]
S1 nethfdrv; \??\C:\windows\system32\drivers\nethfdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-04 22:22 - 2019-01-04 22:23 - 000037890 _____ C:\Users\HP\Downloads\Addition.txt
2019-01-04 22:22 - 2019-01-04 22:23 - 000031701 _____ C:\Users\HP\Downloads\FRST.txt
2019-01-04 22:19 - 2019-01-04 22:22 - 000037891 _____ C:\Users\HP\Desktop\Addition.txt
2019-01-04 22:12 - 2019-01-04 22:23 - 000000000 ____D C:\FRST
2019-01-04 22:12 - 2019-01-04 22:22 - 000071997 _____ C:\Users\HP\Desktop\FRST.txt
2019-01-04 22:10 - 2019-01-04 22:11 - 002426368 _____ (Farbar) C:\Users\HP\Downloads\FRST64 (1).exe
2019-01-04 22:09 - 2019-01-04 22:10 - 002426368 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2019-01-04 21:40 - 2019-01-04 21:40 - 000015943 _____ C:\Users\HP\Documents\AdwCleaner[S00].txt
2019-01-04 21:39 - 2019-01-04 21:40 - 007320272 _____ (Malwarebytes) C:\Users\HP\Downloads\adwcleaner_7.2.6.0 (1).exe
2019-01-04 21:37 - 2019-01-04 21:58 - 000000000 ____D C:\AdwCleaner
2019-01-04 21:36 - 2019-01-04 21:37 - 007320272 _____ (Malwarebytes) C:\Users\HP\Desktop\adwcleaner_7.2.6.0.exe
2019-01-04 21:19 - 2019-01-04 21:19 - 000000000 ____D C:\Users\HP\AppData\Roaming\AVAST Software
2019-01-04 21:18 - 2019-01-04 21:18 - 000000000 ____D C:\Users\HP\AppData\Local\CEF
2019-01-04 21:08 - 2019-01-04 21:08 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-04 21:08 - 2019-01-04 21:08 - 000002003 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2019-01-04 21:08 - 2019-01-04 21:08 - 000000000 ____D C:\Users\HP\AppData\Local\AVAST Software
2019-01-04 21:08 - 2019-01-04 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-04 21:05 - 2019-01-04 21:05 - 000000000 ____D C:\windows\System32\Tasks\Avast Software
2019-01-04 21:04 - 2019-01-04 21:04 - 000003910 _____ C:\windows\System32\Tasks\Avast Emergency Update
2019-01-04 21:03 - 2019-01-04 21:01 - 000474648 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-01-04 21:03 - 2019-01-04 21:01 - 000380144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-01-04 21:03 - 2019-01-04 21:01 - 000239808 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-01-04 21:03 - 2019-01-04 21:01 - 000218056 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-01-04 21:03 - 2019-01-04 21:01 - 000203488 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-01-04 21:03 - 2019-01-04 21:01 - 000166472 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-01-04 21:03 - 2019-01-04 21:01 - 000111992 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-01-04 21:03 - 2019-01-04 21:01 - 000088144 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-01-04 21:03 - 2019-01-04 21:01 - 000046584 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2019-01-04 21:03 - 2019-01-04 21:00 - 001034056 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-01-04 21:03 - 2019-01-04 21:00 - 000042488 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-01-04 21:03 - 2019-01-04 21:00 - 000037304 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-01-04 21:03 - 2019-01-04 20:59 - 000320888 _____ (AVAST Software) C:\windows\system32\Drivers\aswblog.sys
2019-01-04 21:03 - 2019-01-04 20:59 - 000220688 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-01-04 21:03 - 2019-01-04 20:59 - 000196264 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-01-04 21:03 - 2019-01-04 20:59 - 000058160 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-01-04 21:02 - 2019-01-04 21:00 - 000361352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-01-04 21:01 - 2019-01-04 21:01 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-01-04 20:59 - 2019-01-04 20:59 - 000002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-04 20:59 - 2019-01-04 20:59 - 000002255 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-01-04 20:57 - 2019-01-04 20:57 - 000880208 _____ (Google Inc.) C:\Users\HP\Downloads\ChromeSetup (1).exe
2019-01-04 20:56 - 2019-01-04 21:01 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-04 20:56 - 2019-01-04 20:56 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update
2019-01-04 20:56 - 2019-01-04 20:56 - 000002796 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2019-01-04 20:56 - 2019-01-04 20:56 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-04 20:56 - 2019-01-04 20:56 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-01-04 20:56 - 2019-01-04 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-04 20:56 - 2019-01-04 20:56 - 000000000 ____D C:\Program Files\CCleaner
2019-01-04 20:56 - 2019-01-04 20:56 - 000000000 ____D C:\Program Files\AVAST Software
2019-01-04 20:53 - 2019-01-04 20:54 - 018177128 _____ (Piriform Software Ltd) C:\Users\HP\Downloads\ccsetup550.exe
2019-01-04 19:53 - 2019-01-04 19:54 - 001222144 _____ C:\Users\HP\Downloads\RSITx64 (2).exe
2019-01-04 19:53 - 2019-01-04 19:53 - 001222144 _____ C:\Users\HP\Downloads\RSITx64 (1).exe
2019-01-04 19:43 - 2019-01-04 19:43 - 000078290 _____ C:\Users\HP\Documents\výs.txt
2019-01-04 19:43 - 2019-01-04 19:43 - 000022227 _____ C:\Users\HP\Documents\info.txt
2019-01-04 19:33 - 2019-01-04 19:54 - 000000000 ____D C:\Program Files\trend micro
2019-01-04 19:33 - 2019-01-04 19:34 - 000000000 ____D C:\rsit
2019-01-04 19:32 - 2019-01-04 19:33 - 001222144 _____ C:\Users\HP\Downloads\RSITx64.exe
2019-01-04 19:03 - 2019-01-04 19:22 - 000000000 ____D C:\Users\HP\Documents\Bluetooth Folder
2018-12-17 23:01 - 2018-12-06 03:39 - 003227648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-12-17 23:01 - 2018-11-28 23:02 - 014635520 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2018-12-17 23:01 - 2018-11-28 23:02 - 012574720 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2018-12-17 23:01 - 2018-11-28 23:02 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2018-12-17 23:01 - 2018-11-28 23:02 - 000005632 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2018-12-17 23:01 - 2018-11-28 23:02 - 000005632 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2018-12-17 23:01 - 2018-11-28 22:50 - 012574208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2018-12-17 23:01 - 2018-11-28 22:50 - 011411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2018-12-17 23:01 - 2018-11-28 22:38 - 000008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2018-12-17 23:01 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2018-12-17 23:01 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2018-12-17 23:01 - 2018-11-15 20:46 - 000397088 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-12-17 23:01 - 2018-11-15 19:55 - 000348976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-12-17 23:01 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-12-17 23:01 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-12-17 23:01 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-12-17 23:01 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-12-17 23:01 - 2018-11-13 05:54 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-12-17 23:01 - 2018-11-13 05:54 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-12-17 23:01 - 2018-11-13 05:42 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-12-17 23:01 - 2018-11-13 05:41 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-12-17 23:01 - 2018-11-13 05:40 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-12-17 23:01 - 2018-11-13 05:40 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-12-17 23:01 - 2018-11-13 05:39 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-12-17 23:01 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-12-17 23:01 - 2018-11-13 05:33 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-12-17 23:01 - 2018-11-13 05:32 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-12-17 23:01 - 2018-11-13 05:30 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-12-17 23:01 - 2018-11-13 05:28 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-12-17 23:01 - 2018-11-13 05:28 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-12-17 23:01 - 2018-11-13 05:28 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-12-17 23:01 - 2018-11-13 05:28 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-12-17 23:01 - 2018-11-13 05:26 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-12-17 23:01 - 2018-11-13 05:21 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-12-17 23:01 - 2018-11-13 05:18 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-12-17 23:01 - 2018-11-13 05:13 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-12-17 23:01 - 2018-11-13 05:13 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-12-17 23:01 - 2018-11-13 05:13 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-12-17 23:01 - 2018-11-13 05:12 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-12-17 23:01 - 2018-11-13 05:11 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-12-17 23:01 - 2018-11-13 05:11 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-12-17 23:01 - 2018-11-13 05:10 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-12-17 23:01 - 2018-11-13 05:10 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-12-17 23:01 - 2018-11-13 05:07 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-12-17 23:01 - 2018-11-13 05:07 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-12-17 23:01 - 2018-11-13 05:06 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-12-17 23:01 - 2018-11-13 05:06 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-12-17 23:01 - 2018-11-13 05:05 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-12-17 23:01 - 2018-11-13 05:05 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-12-17 23:01 - 2018-11-13 05:04 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-12-17 23:01 - 2018-11-13 05:03 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-12-17 23:01 - 2018-11-13 05:03 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-12-17 23:01 - 2018-11-13 05:03 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-12-17 23:01 - 2018-11-13 04:55 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-12-17 23:01 - 2018-11-13 04:53 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-12-17 23:01 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-12-17 23:01 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-12-17 23:01 - 2018-11-13 04:51 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-12-17 23:01 - 2018-11-13 04:51 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-12-17 23:01 - 2018-11-13 04:50 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-12-17 23:01 - 2018-11-13 04:50 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-12-17 23:01 - 2018-11-13 04:50 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-12-17 23:01 - 2018-11-13 04:49 - 002136064 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-12-17 23:01 - 2018-11-13 04:47 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-12-17 23:01 - 2018-11-13 04:47 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-12-17 23:01 - 2018-11-13 04:46 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-12-17 23:01 - 2018-11-13 04:44 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-12-17 23:01 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-12-17 23:01 - 2018-11-13 04:39 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-12-17 23:01 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-12-17 23:01 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-12-17 23:01 - 2018-11-13 04:37 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-12-17 23:01 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-12-17 23:01 - 2018-11-13 04:36 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-12-17 23:01 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-12-17 23:01 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-12-17 23:01 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-12-17 23:01 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-12-17 23:01 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-12-17 23:01 - 2018-11-11 18:19 - 000631680 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-12-17 23:01 - 2018-11-11 18:02 - 000262376 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-12-17 23:01 - 2018-11-11 18:01 - 005551848 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-12-17 23:01 - 2018-11-11 18:01 - 000708328 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-12-17 23:01 - 2018-11-11 18:01 - 000366824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2018-12-17 23:01 - 2018-11-11 18:01 - 000154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-12-17 23:01 - 2018-11-11 18:01 - 000095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-12-17 23:01 - 2018-11-11 18:00 - 001664360 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-12-17 23:01 - 2018-11-11 17:58 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:49 - 004054760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-12-17 23:01 - 2018-11-11 17:49 - 003960040 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-12-17 23:01 - 2018-11-11 17:47 - 001314104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-12-17 23:01 - 2018-11-11 17:45 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:25 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-12-17 23:01 - 2018-11-11 17:25 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-12-17 23:01 - 2018-11-11 17:25 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-12-17 23:01 - 2018-11-11 17:24 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-12-17 23:01 - 2018-11-11 17:20 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-12-17 23:01 - 2018-11-11 17:20 - 000129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-12-17 23:01 - 2018-11-11 17:19 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-12-17 23:01 - 2018-11-11 17:19 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-12-17 23:01 - 2018-11-11 17:16 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-12-17 23:01 - 2018-11-11 17:16 - 000160768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-12-17 23:01 - 2018-11-11 17:16 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-12-17 23:01 - 2018-11-11 17:15 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-12-17 23:01 - 2018-11-11 17:15 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-12-17 23:01 - 2018-11-11 17:15 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-12-17 23:01 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-12-17 23:01 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-12-17 23:01 - 2018-11-11 17:15 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-12-17 23:01 - 2018-11-11 17:15 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-12-17 23:01 - 2018-11-11 17:15 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-12-17 23:01 - 2018-11-11 17:15 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-12-17 23:01 - 2018-11-11 17:15 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-12-17 23:01 - 2018-11-11 17:14 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-12-17 23:01 - 2018-11-11 17:13 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:13 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:13 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-12-17 23:01 - 2018-11-11 17:13 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-12-17 23:01 - 2018-11-08 17:58 - 002009600 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-12-17 23:01 - 2018-11-08 17:58 - 001889280 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-12-17 23:01 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2018-12-17 23:01 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2018-12-17 23:01 - 2018-11-08 17:43 - 001391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-12-17 23:01 - 2018-11-08 17:43 - 001241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-12-17 23:01 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2018-12-17 23:01 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2018-12-17 23:01 - 2018-11-06 05:36 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2018-12-17 23:01 - 2018-11-06 05:20 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2018-12-17 23:01 - 2018-10-06 17:03 - 000383720 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2018-12-17 23:01 - 2018-10-06 16:59 - 000151552 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-12-17 23:01 - 2018-10-06 16:59 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2018-12-17 23:01 - 2018-10-06 16:58 - 000100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-12-17 23:01 - 2018-10-06 16:58 - 000046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2018-12-17 23:01 - 2018-10-06 16:58 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2018-12-17 23:01 - 2018-10-06 16:50 - 000309480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2018-12-17 23:01 - 2018-10-06 16:44 - 000111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-12-17 23:01 - 2018-10-06 16:44 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2018-12-17 23:01 - 2018-10-06 16:43 - 000071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2018-12-17 23:01 - 2018-10-06 16:43 - 000010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2018-12-17 23:01 - 2018-10-06 16:16 - 000034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2018-12-17 22:08 - 2018-12-17 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2018-12-17 22:07 - 2018-12-17 22:08 - 000000000 ____D C:\ProgramData\McAfee Security Scan

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-04 22:14 - 2009-07-14 05:45 - 000028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-04 22:14 - 2009-07-14 05:45 - 000028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-04 22:09 - 2012-04-17 05:18 - 000671668 _____ C:\windows\system32\perfh005.dat
2019-01-04 22:09 - 2012-04-17 05:18 - 000142938 _____ C:\windows\system32\perfc005.dat
2019-01-04 22:09 - 2009-07-14 06:13 - 001592698 _____ C:\windows\system32\PerfStringBackup.INI
2019-01-04 22:09 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2019-01-04 22:04 - 2012-04-17 06:33 - 000000000 ____D C:\ProgramData\PDFC
2019-01-04 22:02 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-01-04 21:33 - 2012-12-16 13:25 - 000000000 ____D C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2019-01-04 21:32 - 2012-12-13 17:22 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2019-01-04 21:32 - 2012-12-04 19:44 - 000000000 ____D C:\windows\Minidump
2019-01-04 21:32 - 2011-02-11 06:14 - 000000000 ____D C:\windows\Panther
2019-01-04 20:59 - 2012-11-25 12:47 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-04 20:41 - 2015-12-26 12:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-04 20:38 - 2012-11-13 15:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\ArcSoft
2019-01-04 20:38 - 2012-07-17 03:31 - 000000000 ____D C:\Program Files (x86)\Arcsoft
2019-01-04 20:35 - 2012-11-25 12:46 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-04 20:35 - 2012-11-25 12:46 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-04 20:35 - 2012-07-17 03:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2019-01-04 20:30 - 2013-02-02 17:21 - 000000000 ____D C:\ProgramData\Apple Computer
2019-01-04 20:30 - 2013-02-02 17:21 - 000000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2019-01-04 20:24 - 2013-01-06 14:58 - 000000000 ____D C:\Users\HP\AppData\Local\PokerStars
2019-01-04 20:24 - 2013-01-06 14:58 - 000000000 ____D C:\Program Files (x86)\PokerStars
2019-01-04 20:23 - 2013-07-08 20:07 - 000000000 ____D C:\Users\HP\AppData\Roaming\Seznam.cz
2019-01-04 20:22 - 2013-07-08 20:08 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2019-01-04 20:17 - 2012-12-21 12:12 - 000000000 ____D C:\Program Files (x86)\Activision
2019-01-04 20:17 - 2012-04-17 06:42 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-01-04 20:03 - 2012-07-17 03:57 - 000000000 ____D C:\ProgramData\WinZip
2019-01-04 20:03 - 2012-04-17 06:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2019-01-04 20:01 - 2012-07-17 03:55 - 000000000 ____D C:\ProgramData\Skype
2019-01-04 20:00 - 2012-11-15 07:05 - 000000000 ____D C:\Users\HP\AppData\Roaming\Skype
2019-01-04 19:22 - 2012-11-26 17:13 - 000000000 ____D C:\Users\HP\AppData\Roaming\SoftGrid Client
2019-01-04 19:19 - 2013-07-08 20:28 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2019-01-04 19:18 - 2013-01-18 16:40 - 000000000 ____D C:\Users\mamka
2019-01-04 19:03 - 2009-07-14 06:09 - 000000000 ____D C:\windows\System32\Tasks\WPD
2019-01-04 19:02 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-01-04 18:57 - 2009-07-14 05:45 - 000267368 _____ C:\windows\system32\FNTCACHE.DAT
2019-01-04 17:26 - 2012-04-17 06:24 - 001568348 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2019-01-04 17:24 - 2013-01-18 17:17 - 000000000 ____D C:\windows\system32\Macromed
2019-01-04 17:24 - 2012-04-17 06:34 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-12-17 22:51 - 2018-08-29 21:51 - 000003168 _____ C:\windows\System32\Tasks\HPCeeScheduleForHP
2018-12-17 22:51 - 2018-08-29 21:51 - 000000320 _____ C:\windows\Tasks\HPCeeScheduleForHP.job
2018-12-17 22:08 - 2015-11-11 14:11 - 000000000 ____D C:\Program Files\McAfee Security Scan
2018-12-10 23:04 - 2010-11-21 04:27 - 000592616 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-08-05 21:38 - 2014-08-05 21:38 - 000000000 _____ () C:\Users\HP\AppData\Local\{6672820D-F504-4787-8578-7BBB00DCDA34}
2017-01-14 22:25 - 2017-01-14 22:25 - 000000000 _____ () C:\Users\HP\AppData\Local\{CEA56BF9-9D77-432D-9DB7-C5DEEC4F0D0F}

Some files in TEMP:
====================
2019-01-04 20:09 - 2006-10-17 04:20 - 000253952 _____ (Electronic Arts Inc.) C:\Users\HP\AppData\Local\Temp\eauninstall.exe
2019-01-04 20:09 - 2006-09-23 05:10 - 000073728 _____ (Electronic Arts Inc.) C:\Users\HP\AppData\Local\Temp\Need for Speed Carbon_uninst.exe
2019-01-04 20:24 - 2013-01-06 14:58 - 000352256 _____ () C:\Users\HP\AppData\Local\Temp\_unps.exe
2015-06-09 19:00 - 2019-01-04 20:22 - 000534528 _____ () C:\Users\HP\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-10 01:18

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by HP (04-01-2019 22:23:48)
Running from C:\Users\HP\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-31 13:42:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4279202749-943463868-844345460-500 - Administrator - Disabled)
Guest (S-1-5-21-4279202749-943463868-844345460-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4279202749-943463868-844345460-1003 - Limited - Enabled)
HP (S-1-5-21-4279202749-943463868-844345460-1001 - Administrator - Enabled) => C:\Users\HP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Avast Antivirus (Disabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Avast Antivirus (Disabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{8642397F-CF08-6B30-A477-A039BBAA511E}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.38 - ArcSoft)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.120 - Atheros)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1025 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{C13E90B0-4E1C-11DB-6784-0152EAA218BE}) (Version: 1.3 - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.0.0.4 - Hewlett-Packard Company)
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.41.36204 - Hewlett-Packard Company)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 4.5.4 (HKLM-x32\...\{550BFF6E-7376-11E1-99EA-984BE15F174E}) (Version: 4.5.4.6487 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 7.2.1.4548 - Hewlett-Packard Company) Hidden
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.1.4548 - Hewlett-Packard Company)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5B4F3B85-83F0-4BBF-9052-7A38B6B09634}) (Version: 5.0.8.0 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{22706ADC-74A1-43A0-ABAE-47F84966B909}) (Version: 4.2.50.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{A351CC1B-C92C-4F37-8109-9F6D33ACF5EF}) (Version: 1.1.1.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 8.1.1.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.8.12 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{7F7E2060-7212-4A53-9875-55173E4BA3F0}) (Version: 5.0.21.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.1.1199 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 3.0.0.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT)
Infigo (HKLM-x32\...\Infigo) (Version: 1.28.0.4 - MAVIN LOG, S.L.)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.895.1 - McAfee, Inc.)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1012 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft 1.4 Free Full Download version for Windows (HKLM-x32\...\{27FC7515-C484-8EDD-138A-4C8AB096036B}_is1) (Version: for Windows - )
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.33 - PDF Complete, Inc)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.865 - Hewlett-Packard Company)
PX Profile Update (HKLM-x32\...\{89FC4558-3689-C109-772E-3A6D5B96F019}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.30.042 - Portrait Displays, Inc.) Hidden
SevenZip (HKLM-x32\...\SevenZip) (Version: 9.20 - SevenZip)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company)
Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.)
VLC Media Player 1.00 (HKLM-x32\...\VLC Media Player 1.00) (Version: - )
VLC MEDIA player cz plna verze zdarma version for Windows (HKLM-x32\...\{3DB29091-B9B9-6676-7717-3AFC66AA18C8}_is1) (Version: for Windows - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-01-19] (Atheros Commnucations)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2011-06-15] (Microsoft Corporation)
ContextMenuHandlers1: [ShredContextMenu] -> {85EFA470-665A-4322-AB1E-1EB9C70F61C8} => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll [2013-03-06] ()
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2011-06-15] (Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-01-19] (Atheros Commnucations)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2011-06-15] (Microsoft Corporation)
ContextMenuHandlers4: [ShredContextMenu] -> {85EFA470-665A-4322-AB1E-1EB9C70F61C8} => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll [2013-03-06] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-03-30] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-03-26] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-04] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A0DE397-599C-4388-8571-7F7F5820462F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {0D1197E6-695D-444F-9786-09006C3EB04D} - System32\Tasks\{159BF8D0-8089-46B0-AA2E-DB4641170514} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\VLC MEDIA player cz plna verze zdarma\VLC MEDIA player cz plna verze zdarma.exe" -d "C:\Program Files (x86)\VLC MEDIA player cz plna verze zdarma"
Task: {1FC9BC09-90B9-4D6A-A42B-9EC3D2C0372A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-04] (AVAST Software)
Task: {25BA6C07-2BD3-4287-BBEF-C5AFD70A6F81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {49FDD32A-161D-4909-9A9F-6F05F1CEAECF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-28] (Piriform Software Ltd)
Task: {4B4C8554-B43F-4423-987C-446FC1EC27F1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd)
Task: {5248C0A4-0EBB-47FA-BAB7-DEDFF3E20192} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5E0F3C7E-A6F7-49A9-A989-068A30D95F97} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-28] (Microsoft Corporation)
Task: {5FD65B43-906B-4D8F-A639-31F57AA4A828} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {734D1CB9-7CF8-41DB-9503-3AD49A0AA70F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-04] (AVAST Software)
Task: {80BF2D85-4DBC-48F3-BD7F-15E5F7C00A70} - System32\Tasks\HPCeeScheduleForHP => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {CD9641CE-DDBD-4337-AEBA-88CFC86BA528} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {FD1F6005-C6A3-457E-A5C8-BBA1D39721E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2013-11-04] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\HPCeeScheduleForHP.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SevenZip 9.20\Visit SevenZip website.lnk -> hxxp://www.sevenzip.info

==================== Loaded Modules (Whitelisted) ==============

2012-01-17 15:57 - 2012-01-17 15:57 - 000298368 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-03-27 11:11 - 2013-03-27 11:11 - 003346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 12:18 - 2010-09-06 12:18 - 001412608 _____ () C:\windows\system32\LIBEAY32.dll
2013-03-27 10:26 - 2013-03-27 10:26 - 000141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2019-01-04 21:00 - 2019-01-04 21:00 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-04 21:10 - 2019-01-04 21:10 - 006914704 _____ () C:\Program Files\AVAST Software\Avast\defs\19010402\algo64.dll
2019-01-04 21:00 - 2019-01-04 21:00 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-04 21:01 - 2019-01-04 21:01 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-04 21:00 - 2019-01-04 21:00 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2012-03-26 13:33 - 2012-03-26 13:33 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-03-27 10:28 - 2013-03-27 10:28 - 001327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2012-12-21 12:57 - 2012-12-21 12:57 - 000075064 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-12-21 12:58 - 2012-12-24 14:18 - 000214520 _____ () C:\windows\SysWOW64\PnkBstrB.exe
2013-07-08 20:06 - 2013-04-05 11:26 - 000528398 _____ () C:\Windows\Inf\MSASGui.exe
2013-07-08 20:06 - 2013-06-07 12:45 - 000568334 ____S () C:\windows\inf\msqtqt\msqtqt.exe
2019-01-04 21:08 - 2019-01-04 21:08 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-12-26 21:20 - 2011-12-26 21:20 - 000016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-03-30 07:07 - 2012-03-30 07:07 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-10 22:26 - 2012-02-10 22:26 - 001083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2012-07-17 03:28 - 2012-03-28 18:38 - 000128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2018-12-17 23:30 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-17 23:30 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2013-03-27 10:54 - 2013-03-27 10:54 - 002854912 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-03-27 10:26 - 2013-03-27 10:26 - 000126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-03-27 10:52 - 2013-03-27 10:52 - 003035136 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2013-03-27 10:57 - 2013-03-27 10:57 - 002867200 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-03-27 10:55 - 2013-03-27 10:55 - 000053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-03-27 10:30 - 2013-03-27 10:30 - 002043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-03-27 10:31 - 2013-03-27 10:31 - 001949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-07-08 20:06 - 2013-04-05 11:26 - 000192512 _____ () C:\Windows\Inf\libidn-11.dll
2013-07-08 20:06 - 2013-04-05 11:26 - 000084992 _____ () C:\Windows\Inf\zlib1.dll
2013-07-08 20:06 - 2013-06-07 12:45 - 000279955 ____S () C:\windows\inf\msqtqt\libidn-11.dll
2013-07-08 20:06 - 2013-06-07 12:45 - 000084992 ____S () C:\windows\inf\msqtqt\zlib1.dll
2011-04-08 17:57 - 2011-04-08 17:57 - 000514570 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2018-12-17 22:58 - 2018-12-17 22:58 - 000172032 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\118f9da258169b8fde161d724c8ca1d9\IsdiInterop.ni.dll
2012-04-17 06:27 - 2012-02-02 02:25 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-17 03:27 - 2012-03-28 18:18 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-12-17 22:08 - 000000905 _____ C:\windows\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\
HKU\S-1-5-21-4279202749-943463868-844345460-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{55CEFC87-AC98-4A27-A207-DAC2E96FE653}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe No File
FirewallRules: [UDP Query User{83EE544A-DD9D-486D-8AA4-900E6E6DA3C6}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe No File
FirewallRules: [{25FD30A3-B072-40A3-9E27-BFFC12E1B4D9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{38E343BE-EC35-4B02-82B1-F8A646D75D4C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{FD9C0F9B-0116-42B9-8FA6-178C53CF8900}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{63DA5F75-A8AF-4758-A8D6-E53222BA0464}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{1705641F-147B-414A-90A8-013743954C84}] => (Allow) C:\Users\HP\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe No File
FirewallRules: [TCP Query User{C9479993-3702-4550-AD3A-48549371F4AC}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe No File
FirewallRules: [UDP Query User{5FC65131-06C5-49B8-96A3-A2FAB814956D}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Block) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe No File
FirewallRules: [TCP Query User{1F3A3F80-DA05-490E-9C60-D73E6CDDD846}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [UDP Query User{17883CE3-C242-4257-B86E-D741EE30975E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [{DC494A31-5A66-4C26-AF16-58A475A46780}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{36421443-AC1C-4884-98ED-87E39C340BFA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{86461E52-3051-426B-9A94-26CE7F7DA12C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{A99D4D8D-3DBA-449A-ADC6-7A0744993214}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{EEC66B44-077F-4F83-9EC2-E7E3831F602D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Restore Points =========================

28-10-2018 15:38:55 Windows Update
14-11-2018 23:31:39 Windows Update
19-11-2018 16:34:19 Windows Update
25-11-2018 08:47:25 Windows Update
26-11-2018 19:10:12 Windows Update
17-12-2018 23:02:02 Windows Update
04-01-2019 17:11:37 Windows Update
04-01-2019 19:10:33 Removed Call of Duty(R) 2
04-01-2019 19:56:30 Removed Skype™ 7.0
04-01-2019 20:01:33 Removed WinZip 15.0
04-01-2019 20:05:52 Odebráno: TuneUp Utilities 2013
04-01-2019 20:08:01 Odebráno: TuneUp Utilities Language Pack (cs-CZ)
04-01-2019 20:14:40 Removed Prototype(TM)
04-01-2019 20:25:27 Removed iTunes
04-01-2019 20:31:07 Removed Apple Application Support
04-01-2019 20:32:14 Removed Apple Software Update
04-01-2019 20:33:21 Removed ArcSoft TotalMedia.
04-01-2019 20:38:31 Removed Apple Mobile Device Support

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: nethfdrv
Description: nethfdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nethfdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2019 10:04:40 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Registrace balíčku technologie Klikni a spusť se nezdařila.

Error: (01/04/2019 10:04:39 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {tid=111C}
Aplikaci Application Virtualization Client se nepodařilo připojit k adrese URL datového proudu http://c2r.microsoft.com/ConsumerC2R/cs ... 4.5000.sft (návratový kód 2460420A-40002EFD, původní návratový kód 2460420A-40002EFD).

Error: (01/04/2019 09:11:48 PM) (Source: NetHttpService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/04/2019 08:57:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2384) WebCacheLocal: Při otevírání souboru protokolu C:\Users\HP\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (01/04/2019 08:57:16 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (2384) WebCacheLocal: Pokus o otevření souboru C:\Users\HP\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (01/04/2019 08:57:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2384) WebCacheLocal: Při otevírání souboru protokolu C:\Users\HP\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (01/04/2019 08:57:06 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (2384) WebCacheLocal: Pokus o otevření souboru C:\Users\HP\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (01/04/2019 08:48:53 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Registrace balíčku technologie Klikni a spusť se nezdařila.


System errors:
=============
Error: (01/04/2019 10:04:31 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Microsoft Antimalware – funkce ochrany v reálném čase selhala z důvodu chyby.

Funkce: Monitorování chování

Kód chyby: 0x80004005

Popis chyby: Nespecifikovaná chyba

Důvod: Ovladač filtru vyžaduje pro svou funkci aktuální stroj. Chcete-li povolit ochranu v reálném čase, je nutné nainstalovat nejnovější aktualizace definic.

Error: (01/04/2019 10:04:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
nethfdrv

Error: (01/04/2019 10:03:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Infigo Operator neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/04/2019 10:03:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Infigo Operator bylo dosaženo časového limitu (30000 ms).

Error: (01/04/2019 10:00:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (01/04/2019 10:00:19 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (01/04/2019 10:00:11 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Microsoft Antimalware Service se po přijetí pokynu pro vypnutí neukončila správně.

Error: (01/04/2019 09:59:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\athihvs.dll


CodeIntegrity:
===================================

Date: 2015-02-12 08:12:10.585
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-02-12 08:12:10.445
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-02-12 08:05:20.497
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-02-12 08:05:20.357
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-02-07 18:01:02.664
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-02-07 18:01:02.502
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-02-07 17:54:22.460
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-02-07 17:54:22.304
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nethfdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 68%
Total physical RAM: 3979.6 MB
Available physical RAM: 1257.48 MB
Total Virtual: 7957.34 MB
Available Virtual: 4473.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:675.97 GB) (Free:557.15 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.97 GB) FAT32
Drive g: (HP_RECOVERY) (Fixed) (Total:20.37 GB) (Free:3.11 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{db2abe77-cfb4-11e1-ba25-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 25955A44)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118192
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Frozen notebook

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [NtVdmSrv] => C:\windows\inf\ntvdm.vbe [1219 2013-06-20] ()
C:\windows\inf\ntvdm.vbe
HKLM-x32\...\Run: [mncmhkrsnSrv] => C:\windows\SysWOW64\mncmhkrsn.vbe [7670 2014-03-05] ()
C:\windows\SysWOW64\mncmhkrsn.vbe
HKU\S-1-5-21-4279202749-943463868-844345460-1001\...\MountPoints2: {5d0d3937-d3c7-11e2-b65a-74e543670da0} - H:\Startme.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\McAfee Security Scan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
HKU\S-1-5-21-4279202749-943463868-844345460-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDF
URLSearchHook: HKU\S-1-5-21-4279202749-943463868-844345460-1001 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search.ask.com/sr?src=ieb&gc ... nrs=AGA&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search.ask.com/sr?src=ieb&gc ... nrs=AGA&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {748A25E1-B3D8-4FD1-AC2A-5CB79758C36A} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=e394155a-4020-4829-9a9f-b01a3a8eaee4&apn_sauid=F2DBC5FE-61C8-4744-8F45-BDE043BB3B71
SearchScopes: HKU\S-1-5-21-4279202749-943463868-844345460-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search.ask.com/sr?src=ieb&gc ... nrs=AGA&q={searchTerms}
FF Homepage: Mozilla\Firefox\Profiles\67v6eavr.default -> hxxp://home.tb.ask.com/index.jhtml?ptb= ... 0d0b06&p2=^HJ^xdm007^YYA^cz&si=CKfxiezvtMICFUr4wgodzyMAfw
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha966.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha966\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta394.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta394\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha159.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha159\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha416.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha416\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha420.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha420\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha6793.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6793\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home396.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home396\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode743.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode743\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release841.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release841\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha763.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha763\ff => not found
FF HKU\S-1-5-21-4279202749-943463868-844345460-1001\...\Firefox\Extensions: [{85A9DD51-C7AB-8CCB-1BF6-9AF83F578FE1}] - C:\Program Files (x86)\ver2OffersWizard\190.xpi => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [aaaaaigjndjblmpeckabiffcpogflfgl] - C:\Users\HP\AppData\Local\imeshkoyotesoftmoviestoolbar\GC\toolbar.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [aplpilpcjieglgfgfamoanlojbjiacap] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode743\ch\MediaBuzzV1mode743.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bcodfnhfdjbjdlgefnocjnddlkfpkihk] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha966\ch\WebexpEnhancedV1alpha966.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cebmkknjfbodglifaocebakbbkpbafpn] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha763\ch\TrustMediaViewerV1alpha763.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eajkbpchnjjpgpgpmmpadhknfkfcodnh] - C:\Program Files (x86)\GamingWonderland Chrome Extension\bar\GamingWonderland@mindspark.com <not found>
CHR HKLM-x32\...\Chrome\Extension: [elkegfahbfnglehibahalhalelepljck] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha6793\ch\MediaViewV1alpha6793.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [emcpffkjccpmkkjpgcjhogejhoaoljid] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha420\ch\MediaViewV1alpha420.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fjgohbnbmilnlenamemkbdefcpagpopk] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta394\ch\VideoPlayerV3beta394.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [klhffgpnkibhialdcgnjcnciogbhhjco] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha416\ch\MediaViewerV1alpha416.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mehppllcjblajlpeeiipfcelehcmpild] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home396\ch\MediaWatchV1home396.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx <not found>
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-28] (Microsoft Corporation)
U3 aswbdisk; no ImagePath
S1 ezkdisei; \??\C:\windows\system32\drivers\ezkdisei.sys [X]
S1 ioujrgaz; \??\C:\windows\system32\drivers\ioujrgaz.sys [X]
S1 nethfdrv; \??\C:\windows\system32\drivers\nethfdrv.sys [X]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\ProgramData\McAfee Security Scan
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
C:\Users\HP\AppData\Local\Temp
Task: {0D1197E6-695D-444F-9786-09006C3EB04D} - System32\Tasks\{159BF8D0-8089-46B0-AA2E-DB4641170514} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\VLC MEDIA player cz plna verze zdarma\VLC MEDIA player cz plna verze zdarma.exe" -d "C:\Program Files (x86)\VLC MEDIA player cz plna verze zdarma"
Task: {25BA6C07-2BD3-4287-BBEF-C5AFD70A6F81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5248C0A4-0EBB-47FA-BAB7-DEDFF3E20192} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
C:\windows\inf\msqtqt\msqtqt.exe
C:\Windows\Inf\MSASGui.exe
FirewallRules: [{25FD30A3-B072-40A3-9E27-BFFC12E1B4D9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{38E343BE-EC35-4B02-82B1-F8A646D75D4C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{FD9C0F9B-0116-42B9-8FA6-178C53CF8900}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{63DA5F75-A8AF-4758-A8D6-E53222BA0464}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
C:\Program Files (x86)\Bonjour

EmptyTemp:
Hosts:
End
Save it to C:\Users\HP\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Romiska
Exemplary visitor
Posts: 92
Joined: 14 Oct 2005 16:09

Re: Frozen notebook

#7 Post by Romiska »

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by HP (05-01-2019 12:15:27) Run:1
Running from C:\Users\HP\Downloads
Loaded Profiles: HP (Available Profiles: HP)
Boot Mode: Normal
==============================================

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv" => removed successfully
C:\windows\inf\ntvdm.vbe => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncmhkrsnSrv" => removed successfully
C:\windows\SysWOW64\mncmhkrsn.vbe => moved successfully
HKU\S-1-5-21-4279202749-943463868-844345460-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d0d3937-d3c7-11e2-b65a-74e543670da0} => removed successfully
HKLM\Software\Classes\CLSID\{5d0d3937-d3c7-11e2-b65a-74e543670da0} => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe => moved successfully
C:\Program Files\McAfee Security Scan => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => not found
HKU\S-1-5-21-4279202749-943463868-844345460-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-4279202749-943463868-844345460-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => removed successfully
HKLM\Software\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} => removed successfully
HKLM\Software\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} => not found
"HKU\S-1-5-21-4279202749-943463868-844345460-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-4279202749-943463868-844345460-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-4279202749-943463868-844345460-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => removed successfully
HKLM\Software\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => not found
HKU\S-1-5-21-4279202749-943463868-844345460-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{748A25E1-B3D8-4FD1-AC2A-5CB79758C36A} => removed successfully
HKLM\Software\Classes\CLSID\{748A25E1-B3D8-4FD1-AC2A-5CB79758C36A} => not found
HKU\S-1-5-21-4279202749-943463868-844345460-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} => removed successfully
HKLM\Software\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} => not found
"Firefox homepage" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\xz123@ya456.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\12x3q@3244516.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@bettersurfplus.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha966.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta394.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaPlayerV1alpha159.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewerV1alpha416.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha420.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaViewV1alpha6793.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaWatchV1home396.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@MediaBuzzV1mode743.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@RichMediaViewV1release841.net" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@TrustMediaViewerV1alpha763.net" => removed successfully
"HKU\S-1-5-21-4279202749-943463868-844345460-1001\Software\Mozilla\Firefox\Extensions\\{85A9DD51-C7AB-8CCB-1BF6-9AF83F578FE1}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaaigjndjblmpeckabiffcpogflfgl => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aplpilpcjieglgfgfamoanlojbjiacap => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bcodfnhfdjbjdlgefnocjnddlkfpkihk => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cebmkknjfbodglifaocebakbbkpbafpn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eajkbpchnjjpgpgpmmpadhknfkfcodnh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\elkegfahbfnglehibahalhalelepljck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\emcpffkjccpmkkjpgcjhogejhoaoljid => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjgohbnbmilnlenamemkbdefcpagpopk => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klhffgpnkibhialdcgnjcnciogbhhjco => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mehppllcjblajlpeeiipfcelehcmpild => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco => removed successfully
HKLM\System\CurrentControlSet\Services\McComponentHostService => removed successfully
McComponentHostService => service removed successfully
MsMpSvc => Unable to stop service.
HKLM\System\CurrentControlSet\Services\MsMpSvc => removed successfully
MsMpSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\ezkdisei => removed successfully
ezkdisei => service removed successfully
HKLM\System\CurrentControlSet\Services\ioujrgaz => removed successfully
ioujrgaz => service removed successfully
HKLM\System\CurrentControlSet\Services\nethfdrv => removed successfully
nethfdrv => service removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus => moved successfully
C:\ProgramData\McAfee Security Scan => moved successfully
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 => moved successfully

"C:\Users\HP\AppData\Local\Temp" folder move:

Could not move "C:\Users\HP\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D1197E6-695D-444F-9786-09006C3EB04D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D1197E6-695D-444F-9786-09006C3EB04D}" => removed successfully
C:\windows\System32\Tasks\{159BF8D0-8089-46B0-AA2E-DB4641170514} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{159BF8D0-8089-46B0-AA2E-DB4641170514}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{25BA6C07-2BD3-4287-BBEF-C5AFD70A6F81}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25BA6C07-2BD3-4287-BBEF-C5AFD70A6F81}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5248C0A4-0EBB-47FA-BAB7-DEDFF3E20192}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5248C0A4-0EBB-47FA-BAB7-DEDFF3E20192}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\windows\inf\msqtqt\msqtqt.exe => moved successfully
C:\Windows\Inf\MSASGui.exe => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25FD30A3-B072-40A3-9E27-BFFC12E1B4D9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38E343BE-EC35-4B02-82B1-F8A646D75D4C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD9C0F9B-0116-42B9-8FA6-178C53CF8900}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63DA5F75-A8AF-4758-A8D6-E53222BA0464}" => removed successfully
C:\Program Files (x86)\Bonjour => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4532562 B
Java, Flash, Steam htmlcache => 609 B
Windows/system/drivers => 579977988 B
Edge => 0 B
Chrome => 28414848 B
Firefox => 5287528 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42337178 B
systemprofile32 => 4282226 B
LocalService => 49632 B
NetworkService => 251876664 B
HP => 6388576 B

RecycleBin => 0 B
EmptyTemp: => 888.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-01-2019 12:19:35)

C:\Users\HP\AppData\Local\Temp => moved successfully

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 12:19:35 ====

Rudy
Site Admin
Posts: 118192
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Frozen laptop

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
