
Virus removal, PC speed-up, and remote assistance through the neslape.cz service
Very slow PC
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi,
I would like to ask for a check of my PC. It is very laggy, with slow response.
I am attaching the RSIT log.
Thank you.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Věra at 2017-01-06 20:07:17
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 115 GB (25%) free of 458 GB
Total RAM: 3982 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:24, on 6. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Věra.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Razor Web - {2e22e1c9-9ddb-40da-85c7-0753217fff76} - C:\Program Files (x86)\Razor Web\Extensions\2e22e1c9-9ddb-40da-85c7-0753217fff76.dll (file missing)
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9571 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 362271757376
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {0b8a3b5c-604a-47f7-a482dab59491f8a6}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 1"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Věra\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x120
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-features=MetricsReporting<MetricsAndCrashSampling --force-fieldtrials=MetricsAndCrashSampling/OutOfReportingSample/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --gpu-driver-date=1-20-2014 --mojo-application-channel-token=94D7946F5024DAB1176C2154FD1B1D5A --mojo-platform-channel-handle=1128 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-features=MetricsReporting<MetricsAndCrashSampling --force-fieldtrials=MetricsAndCrashSampling/OutOfReportingSample/ --primordial-pipe-token=9D054487A870FAEBC5B2F25584EFF359 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=9D054487A870FAEBC5B2F25584EFF359 --channel="3288.4.331399113\150492797" --mojo-platform-channel-handle=4580 /prefetch:1
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9a5fe7bc-9359-4450-b3e9-d92f75e8503d -SystemEventPortName:HostProcess-51ad0c06-104e-43eb-aeb1-b757c3df2122 -IoCancelEventPortName:HostProcess-91b8f374-def8-4ab2-99c9-b775d6750ad5 -NonStateChangingEventPortName:HostProcess-28897a99-b907-4668-9fa7-7e6494126dec -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:296e5356-5eb4-4444-954c-24129a680a8b -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-features=MetricsReporting<MetricsAndCrashSampling --force-fieldtrials=MetricsAndCrashSampling/OutOfReportingSample/ --primordial-pipe-token=E577378E587D449467F9FC262EB7CF9D --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=E577378E587D449467F9FC262EB7CF9D --channel="3288.5.1294119162\42619776" --mojo-platform-channel-handle=2872 /prefetch:1
"C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe" /d speedup
wmiadap.exe /F /T /R
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 1FE208C1-F727-FDBB-0F10-278A9479B13D -Reinvoke
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Věra\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\Java\jre1.8.0_40\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre1.8.0_40" -vma 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 -ma LVNTVkJhc2VsaW5lVXBkYXRlAC1ub3RXZWJKYXZh
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVěra.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVěra (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-05 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-27 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-05 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2e22e1c9-9ddb-40da-85c7-0753217fff76}]
Razor Web - C:\Program Files (x86)\Razor Web\Extensions\2e22e1c9-9ddb-40da-85c7-0753217fff76.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-18 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-18 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-18 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-14 7510896]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2803440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-04-01 1092296]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-05-08 8322328]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-03-07 335232]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-02-18 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2017-01-06 20:05:55 ----D---- C:\rsit
2017-01-06 20:05:55 ----D---- C:\Program Files\trend micro
2017-01-02 19:31:00 ----D---- C:\Program Files (x86)\GUME232.tmp
2017-01-02 19:31:00 ----A---- C:\Program Files (x86)\GUTE243.tmp
2016-11-13 13:19:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-09 19:30:50 ----A---- C:\Windows\system32\mshtml.dll
2016-11-09 19:30:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-09 19:30:48 ----A---- C:\Windows\system32\ieframe.dll
2016-11-09 19:30:47 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-09 19:30:46 ----A---- C:\Windows\system32\jscript9.dll
2016-11-09 19:30:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-09 19:30:45 ----A---- C:\Windows\system32\win32k.sys
2016-11-09 19:30:44 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-09 19:30:42 ----A---- C:\Windows\system32\wininet.dll
2016-11-09 19:30:42 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-09 19:30:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-09 19:30:41 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-09 19:30:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-09 19:30:40 ----A---- C:\Windows\system32\urlmon.dll
2016-11-09 19:30:40 ----A---- C:\Windows\system32\iertutil.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\ole32.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-09 19:30:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-09 19:30:37 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-09 19:30:36 ----A---- C:\Windows\system32\drivers\refs.sys
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\win32spl.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-11-09 19:30:34 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\vmrdvcore.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\msdtcprx.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\drivers\clfs.sys
2016-11-09 19:30:33 ----A---- C:\Windows\system32\msctf.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\mfsvr.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\pdh.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-09 19:30:31 ----A---- C:\Windows\system32\atmfd.dll
2016-11-09 19:30:30 ----A---- C:\Windows\SYSWOW64\pdh.dll
2016-11-09 19:30:30 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-09 19:30:30 ----A---- C:\Windows\system32\DafPrintProvider.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-11-09 19:30:29 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-09 19:30:29 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\localspl.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\iscsiexe.dll
2016-11-09 19:30:26 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\iscsiwmi.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-09 19:30:25 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-09 19:30:23 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\xolehlp.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\dab.dll
2016-11-09 19:30:21 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-09 19:30:20 ----A---- C:\Windows\system32\input.dll
2016-11-09 19:30:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-09 19:30:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-09 19:30:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-09 19:30:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-09 19:30:14 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2016-11-09 19:30:14 ----A---- C:\Windows\system32\webcheck.dll
2016-11-09 19:30:12 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-09 19:30:08 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-09 19:30:08 ----A---- C:\Windows\system32\netlogon.dll
2016-11-09 19:30:08 ----A---- C:\Windows\system32\certcli.dll
2016-11-09 19:30:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-09 19:30:05 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-09 19:30:04 ----A---- C:\Windows\system32\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\vbscript.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\jscript.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\atmlib.dll
2016-11-09 19:30:02 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-16 16:41:31 ----A---- C:\Windows\system32\appraiser.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\aeinv.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\acmigration.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\generaltel.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\devinv.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\aepic.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\centel.dll
2016-10-16 16:41:24 ----A---- C:\Windows\system32\shell32.dll
2016-10-16 16:41:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-16 16:41:20 ----A---- C:\Windows\system32\twinui.dll
2016-10-16 16:41:19 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-10-16 16:41:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-16 16:41:18 ----A---- C:\Windows\explorer.exe
2016-10-16 16:41:17 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2016-10-16 16:41:17 ----A---- C:\Windows\system32\RestoreOptIn.exe
2016-10-12 17:42:46 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-10-12 17:42:46 ----A---- C:\Windows\system32\actxprxy.dll
2016-10-12 17:42:45 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 17:42:44 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 17:42:39 ----A---- C:\Windows\system32\esent.dll
2016-10-12 17:42:38 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-10-12 17:42:36 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-12 17:42:36 ----A---- C:\Windows\system32\authui.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 17:42:35 ----A---- C:\Windows\system32\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 17:42:32 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 17:42:31 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 17:42:29 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 17:42:28 ----A---- C:\Windows\system32\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\wbengine.exe
2016-10-12 17:42:27 ----A---- C:\Windows\system32\GdiPlus.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\drivers\spaceport.sys
2016-10-12 17:42:27 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 17:42:26 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-10-12 17:42:26 ----A---- C:\Windows\system32\winload.exe
2016-10-12 17:42:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\drivers\parport.sys
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-10-12 17:42:23 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\system32\drivers\tm.sys
2016-10-12 17:42:20 ----A---- C:\Windows\system32\winresume.exe
2016-10-12 17:42:20 ----A---- C:\Windows\system32\rastapi.dll
2016-10-12 17:42:19 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\serial.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 17:42:18 ----A---- C:\Windows\SYSWOW64\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 17:42:17 ----A---- C:\Windows\system32\drivers\serenum.sys
2016-10-12 17:42:11 ----A---- C:\Windows\system32\drivers\vwififlt.sys
======List of files/folders modified in the last 3 months======
2017-01-06 20:07:19 ----D---- C:\Windows\Prefetch
2017-01-06 20:06:01 ----D---- C:\Windows\Temp
2017-01-06 20:05:55 ----RD---- C:\Program Files
2017-01-06 19:59:28 ----D---- C:\Windows\AppReadiness
2017-01-06 19:59:25 ----HD---- C:\Program Files\WindowsApps
2017-01-06 19:58:11 ----D---- C:\Windows\system32\sru
2017-01-02 22:01:44 ----D---- C:\Windows\system32\Tasks
2017-01-02 22:01:43 ----D---- C:\Windows\Tasks
2017-01-02 20:33:53 ----D---- C:\Windows\system32\config
2017-01-02 19:47:02 ----D---- C:\Users\Věra\AppData\Roaming\vlc
2017-01-02 19:32:46 ----D---- C:\Program Files (x86)\Opera
2017-01-02 19:31:00 ----RD---- C:\Program Files (x86)
2017-01-02 16:33:50 ----RD---- C:\Windows\System32
2017-01-02 16:33:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-20 12:01:48 ----D---- C:\Windows\Microsoft.NET
2016-11-17 13:40:24 ----D---- C:\Windows\Inf
2016-11-16 19:49:01 ----SHD---- C:\System Volume Information
2016-11-15 20:17:52 ----SHD---- C:\Windows\Installer
2016-11-15 20:17:18 ----RSD---- C:\Windows\assembly
2016-11-15 20:17:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-11-15 20:15:26 ----D---- C:\Program Files\Microsoft Office 15
2016-11-13 14:41:53 ----D---- C:\Windows\system32\MRT
2016-11-13 14:35:38 ----AC---- C:\Windows\system32\MRT.exe
2016-11-13 13:19:53 ----D---- C:\Windows\WinSxS
2016-11-13 13:19:49 ----D---- C:\Windows\SysWOW64
2016-11-09 23:52:25 ----RD---- C:\Windows\ToastData
2016-11-09 23:52:13 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:52:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:52:12 ----D---- C:\Windows\SYSWOW64\migration
2016-11-09 23:52:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-09 23:52:11 ----D---- C:\Windows\system32\migration
2016-11-09 23:52:11 ----D---- C:\Windows\system32\cs-CZ
2016-11-09 23:52:01 ----D---- C:\Windows\system32\drivers
2016-11-09 23:51:56 ----D---- C:\Windows\system32\DriverStore
2016-11-09 20:18:08 ----D---- C:\Windows\CbsTemp
2016-11-09 19:22:42 ----D---- C:\Windows\system32\catroot2
2016-11-03 17:51:01 ----D---- C:\Windows\rescache
2016-10-28 02:22:26 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-17 15:54:19 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 15:54:19 ----D---- C:\Windows\system32\appraiser
2016-10-17 15:54:14 ----D---- C:\Windows
2016-10-16 17:33:53 ----D---- C:\Windows\Logs
2016-10-12 22:27:04 ----D---- C:\Windows\system32\Boot
2016-10-12 22:27:00 ----D---- C:\Windows\apppatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2014-10-10 241368]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vrvd5;vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [2015-12-25 13344]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dtlitescsibus;@oem67.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-08 30264]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-02-18 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-15 3837144]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-02-18 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem16.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-22 3379416]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem79.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 nmwcd;@oem68.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem72.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 rssasnt;rssasnt; \??\C:\Users\Public\Documents\RSupport\rcc50\rssas64.sys []
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem81.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-10-04 3040496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-08-15 29728]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-18 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-03-07 335232]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-02-18 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2017-01-06 20:05:55 ----D---- C:\rsit
2017-01-06 20:05:55 ----D---- C:\Program Files\trend micro
2017-01-02 19:31:00 ----D---- C:\Program Files (x86)\GUME232.tmp
2017-01-02 19:31:00 ----A---- C:\Program Files (x86)\GUTE243.tmp
2016-11-13 13:19:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-09 19:30:50 ----A---- C:\Windows\system32\mshtml.dll
2016-11-09 19:30:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-09 19:30:48 ----A---- C:\Windows\system32\ieframe.dll
2016-11-09 19:30:47 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-09 19:30:46 ----A---- C:\Windows\system32\jscript9.dll
2016-11-09 19:30:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-09 19:30:45 ----A---- C:\Windows\system32\win32k.sys
2016-11-09 19:30:44 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-09 19:30:42 ----A---- C:\Windows\system32\wininet.dll
2016-11-09 19:30:42 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-09 19:30:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-09 19:30:41 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-09 19:30:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-09 19:30:40 ----A---- C:\Windows\system32\urlmon.dll
2016-11-09 19:30:40 ----A---- C:\Windows\system32\iertutil.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\ole32.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-09 19:30:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-09 19:30:37 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-09 19:30:36 ----A---- C:\Windows\system32\drivers\refs.sys
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\win32spl.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-11-09 19:30:34 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\vmrdvcore.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\msdtcprx.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\drivers\clfs.sys
2016-11-09 19:30:33 ----A---- C:\Windows\system32\msctf.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\mfsvr.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\pdh.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-09 19:30:31 ----A---- C:\Windows\system32\atmfd.dll
2016-11-09 19:30:30 ----A---- C:\Windows\SYSWOW64\pdh.dll
2016-11-09 19:30:30 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-09 19:30:30 ----A---- C:\Windows\system32\DafPrintProvider.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-11-09 19:30:29 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-09 19:30:29 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\localspl.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\iscsiexe.dll
2016-11-09 19:30:26 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\iscsiwmi.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-09 19:30:25 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-09 19:30:23 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\xolehlp.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\dab.dll
2016-11-09 19:30:21 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-09 19:30:20 ----A---- C:\Windows\system32\input.dll
2016-11-09 19:30:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-09 19:30:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-09 19:30:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-09 19:30:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-09 19:30:14 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2016-11-09 19:30:14 ----A---- C:\Windows\system32\webcheck.dll
2016-11-09 19:30:12 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-09 19:30:08 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-09 19:30:08 ----A---- C:\Windows\system32\netlogon.dll
2016-11-09 19:30:08 ----A---- C:\Windows\system32\certcli.dll
2016-11-09 19:30:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-09 19:30:05 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-09 19:30:04 ----A---- C:\Windows\system32\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\vbscript.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\jscript.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\atmlib.dll
2016-11-09 19:30:02 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-16 16:41:31 ----A---- C:\Windows\system32\appraiser.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\aeinv.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\acmigration.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\generaltel.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\devinv.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\aepic.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\centel.dll
2016-10-16 16:41:24 ----A---- C:\Windows\system32\shell32.dll
2016-10-16 16:41:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-16 16:41:20 ----A---- C:\Windows\system32\twinui.dll
2016-10-16 16:41:19 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-10-16 16:41:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-16 16:41:18 ----A---- C:\Windows\explorer.exe
2016-10-16 16:41:17 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2016-10-16 16:41:17 ----A---- C:\Windows\system32\RestoreOptIn.exe
2016-10-12 17:42:46 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-10-12 17:42:46 ----A---- C:\Windows\system32\actxprxy.dll
2016-10-12 17:42:45 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 17:42:44 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 17:42:39 ----A---- C:\Windows\system32\esent.dll
2016-10-12 17:42:38 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-10-12 17:42:36 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-12 17:42:36 ----A---- C:\Windows\system32\authui.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 17:42:35 ----A---- C:\Windows\system32\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 17:42:32 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 17:42:31 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 17:42:29 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 17:42:28 ----A---- C:\Windows\system32\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\wbengine.exe
2016-10-12 17:42:27 ----A---- C:\Windows\system32\GdiPlus.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\drivers\spaceport.sys
2016-10-12 17:42:27 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 17:42:26 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-10-12 17:42:26 ----A---- C:\Windows\system32\winload.exe
2016-10-12 17:42:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\drivers\parport.sys
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-10-12 17:42:23 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\system32\drivers\tm.sys
2016-10-12 17:42:20 ----A---- C:\Windows\system32\winresume.exe
2016-10-12 17:42:20 ----A---- C:\Windows\system32\rastapi.dll
2016-10-12 17:42:19 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\serial.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 17:42:18 ----A---- C:\Windows\SYSWOW64\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 17:42:17 ----A---- C:\Windows\system32\drivers\serenum.sys
2016-10-12 17:42:11 ----A---- C:\Windows\system32\drivers\vwififlt.sys
======List of files/folders modified in the last 3 months======
2017-01-06 20:07:19 ----D---- C:\Windows\Prefetch
2017-01-06 20:06:01 ----D---- C:\Windows\Temp
2017-01-06 20:05:55 ----RD---- C:\Program Files
2017-01-06 19:59:28 ----D---- C:\Windows\AppReadiness
2017-01-06 19:59:25 ----HD---- C:\Program Files\WindowsApps
2017-01-06 19:58:11 ----D---- C:\Windows\system32\sru
2017-01-02 22:01:44 ----D---- C:\Windows\system32\Tasks
2017-01-02 22:01:43 ----D---- C:\Windows\Tasks
2017-01-02 20:33:53 ----D---- C:\Windows\system32\config
2017-01-02 19:47:02 ----D---- C:\Users\Věra\AppData\Roaming\vlc
2017-01-02 19:32:46 ----D---- C:\Program Files (x86)\Opera
2017-01-02 19:31:00 ----RD---- C:\Program Files (x86)
2017-01-02 16:33:50 ----RD---- C:\Windows\System32
2017-01-02 16:33:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-20 12:01:48 ----D---- C:\Windows\Microsoft.NET
2016-11-17 13:40:24 ----D---- C:\Windows\Inf
2016-11-16 19:49:01 ----SHD---- C:\System Volume Information
2016-11-15 20:17:52 ----SHD---- C:\Windows\Installer
2016-11-15 20:17:18 ----RSD---- C:\Windows\assembly
2016-11-15 20:17:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-11-15 20:15:26 ----D---- C:\Program Files\Microsoft Office 15
2016-11-13 14:41:53 ----D---- C:\Windows\system32\MRT
2016-11-13 14:35:38 ----AC---- C:\Windows\system32\MRT.exe
2016-11-13 13:19:53 ----D---- C:\Windows\WinSxS
2016-11-13 13:19:49 ----D---- C:\Windows\SysWOW64
2016-11-09 23:52:25 ----RD---- C:\Windows\ToastData
2016-11-09 23:52:13 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:52:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:52:12 ----D---- C:\Windows\SYSWOW64\migration
2016-11-09 23:52:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-09 23:52:11 ----D---- C:\Windows\system32\migration
2016-11-09 23:52:11 ----D---- C:\Windows\system32\cs-CZ
2016-11-09 23:52:01 ----D---- C:\Windows\system32\drivers
2016-11-09 23:51:56 ----D---- C:\Windows\system32\DriverStore
2016-11-09 20:18:08 ----D---- C:\Windows\CbsTemp
2016-11-09 19:22:42 ----D---- C:\Windows\system32\catroot2
2016-11-03 17:51:01 ----D---- C:\Windows\rescache
2016-10-28 02:22:26 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-17 15:54:19 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 15:54:19 ----D---- C:\Windows\system32\appraiser
2016-10-17 15:54:14 ----D---- C:\Windows
2016-10-16 17:33:53 ----D---- C:\Windows\Logs
2016-10-12 22:27:04 ----D---- C:\Windows\system32\Boot
2016-10-12 22:27:00 ----D---- C:\Windows\apppatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2014-10-10 241368]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vrvd5;vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [2015-12-25 13344]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dtlitescsibus;@oem67.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-08 30264]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-02-18 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-15 3837144]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-02-18 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem16.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-22 3379416]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem79.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 nmwcd;@oem68.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem72.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 rssasnt;rssasnt; \??\C:\Users\Public\Documents\RSupport\rcc50\rssas64.sys []
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem81.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-10-04 3040496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-08-15 29728]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-18 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Very slow PC
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Very slow PC
# AdwCleaner v6.042 - Log vytvořen 06/01/2017 v 21:34:46
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-06.1 [Server]
# Operační systém : Windows 8.1 Connected (X64)
# Uživatelské jméno : Věra - RUNKA
# Spuštěno z : C:\Users\Věra\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Věra\AppData\Roaming\RHEng
[-] Složka smazána: C:\ProgramData\apn
[#] Složka smazána po restartu: C:\ProgramData\Application Data\apn
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{2E22E1C9-9DDB-40DA-85C7-0753217FFF76}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E22E1C9-9DDB-40DA-85C7-0753217FFF76}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2E22E1C9-9DDB-40DA-85C7-0753217FFF76}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2E22E1C9-9DDB-40DA-85C7-0753217FFF76}
[-] Klíč smazán: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Klíč smazán po restartu: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
***** [ Prohlížeče ] *****
[-] [C:\Users\Věra\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Smazáno: fcfenmboojpjinhpgggodefccipikbpd
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1845 Bajty] - [06/01/2017 21:34:46]
C:\AdwCleaner\AdwCleaner[S0].txt - [2210 Bajty] - [06/01/2017 21:33:14]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1991 Bajty] ##########
- Rudy
- Site Admin
Re: Very slow PC
Post a new RSIT log.
Re: Very slow PC
Logfile of random's system information tool 1.10 (written by random/random)
Run by Věra at 2017-01-06 22:31:07
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 115 GB (25%) free of 458 GB
Total RAM: 3982 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:31:14, on 6. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Věra.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9335 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 907993751776
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {9ac9bf1b-0e34-4596-a203d327f9c39848}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 1"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Věra\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x11c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMis
matchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --gpu-driver-date=1-20-2014 --mojo-application-channel-token=C689D4CA7D2D8514FE4957E3703309AB --mojo-platform-channel-handle=1108 --ignored=" --type=renderer " /prefetch:2
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNam
eMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=CD61E85C819257BA59BC5B9B3E18218B --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=CD61E85C819257BA59BC5B9B3E18218B --channel="2988.2.381352998\515719995" --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonN
ameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=DD1C13BC7961C59BCE4596C6766EB01D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=DD1C13BC7961C59BCE4596C6766EB01D --channel="2988.3.693628505\1969394099" --mojo-platform-channel-handle=4108 /prefetch:1
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
taskhost.exe $(Arg0)
taskhostex.exe Idle
taskhost.exe IdleSyncMaintenance
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Users\Věra\Downloads\RSITx64.exe"
taskeng.exe {5E5C0589-F6B3-4511-BEB8-A35703AA1340}
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVěra.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVěra (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-05 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-05 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-18 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-18 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-18 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-14 7510896]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2803440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-04-01 1092296]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-05-08 8322328]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-03-07 335232]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-02-18 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2017-01-06 21:30:14 ----D---- C:\AdwCleaner
2017-01-06 21:15:52 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2017-01-06 21:15:51 ----A---- C:\Windows\system32\aspnet_counters.dll
2017-01-06 21:15:35 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2017-01-06 21:15:35 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2017-01-06 21:15:28 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2017-01-06 21:15:28 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2017-01-06 20:27:40 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2017-01-06 20:27:40 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\Windows.Globalization.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\mshtml.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\GlobCollationHost.dll
2017-01-06 20:27:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-06 20:27:37 ----A---- C:\Windows\system32\ieframe.dll
2017-01-06 20:27:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-06 20:27:34 ----A---- C:\Windows\system32\jscript9.dll
2017-01-06 20:27:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-06 20:27:32 ----A---- C:\Windows\system32\win32k.sys
2017-01-06 20:27:31 ----A---- C:\Windows\system32\rdpcorets.dll
2017-01-06 20:27:29 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\wininet.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\msi.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-01-06 20:27:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-06 20:27:27 ----A---- C:\Windows\system32\authui.dll
2017-01-06 20:27:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-06 20:27:26 ----A---- C:\Windows\system32\crypt32.dll
2017-01-06 20:27:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-06 20:27:25 ----A---- C:\Windows\system32\drivers\http.sys
2017-01-06 20:27:25 ----A---- C:\Windows\system32\drivers\cmimcext.sys
2017-01-06 20:27:24 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-01-06 20:27:24 ----A---- C:\Windows\system32\gdi32.dll
2017-01-06 20:27:24 ----A---- C:\Windows\system32\drivers\refs.sys
2017-01-06 20:27:24 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\wintrust.dll
2017-01-06 20:27:23 ----A---- C:\Windows\system32\drivers\spaceport.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\drivers\clfs.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\dnsapi.dll
2017-01-06 20:27:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-06 20:27:22 ----A---- C:\Windows\system32\user32.dll
2017-01-06 20:27:22 ----A---- C:\Windows\system32\drivers\storport.sys
2017-01-06 20:27:22 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-06 20:27:21 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\TpmTasks.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\shsetup.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\d3d10level9.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\ActionQueue.dll
2017-01-06 20:27:20 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-06 20:27:20 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2017-01-06 20:27:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-06 20:27:19 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-06 20:27:18 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-06 20:27:17 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-06 20:27:17 ----A---- C:\Windows\system32\urlmon.dll
2017-01-06 20:27:16 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-06 20:27:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-06 20:27:16 ----A---- C:\Windows\system32\certcli.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\vbscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\jscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-06 20:27:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-06 20:27:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-06 20:05:55 ----D---- C:\rsit
2017-01-06 20:05:55 ----D---- C:\Program Files\trend micro
2017-01-02 19:31:00 ----D---- C:\Program Files (x86)\GUME232.tmp
2017-01-02 19:31:00 ----A---- C:\Program Files (x86)\GUTE243.tmp
2016-11-13 13:19:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-09 19:30:44 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-09 19:30:42 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-09 19:30:41 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-09 19:30:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-09 19:30:40 ----A---- C:\Windows\system32\iertutil.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\ole32.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-09 19:30:37 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\win32spl.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-11-09 19:30:34 ----A---- C:\Windows\system32\vmrdvcore.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\msdtcprx.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\msctf.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\mfsvr.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\pdh.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-09 19:30:31 ----A---- C:\Windows\system32\atmfd.dll
2016-11-09 19:30:30 ----A---- C:\Windows\SYSWOW64\pdh.dll
2016-11-09 19:30:30 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-09 19:30:30 ----A---- C:\Windows\system32\DafPrintProvider.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-11-09 19:30:29 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\localspl.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\iscsiexe.dll
2016-11-09 19:30:26 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\iscsiwmi.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-09 19:30:25 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-09 19:30:23 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\xolehlp.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\dab.dll
2016-11-09 19:30:21 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-09 19:30:20 ----A---- C:\Windows\system32\input.dll
2016-11-09 19:30:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-09 19:30:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-09 19:30:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-09 19:30:14 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2016-11-09 19:30:14 ----A---- C:\Windows\system32\webcheck.dll
2016-11-09 19:30:12 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-09 19:30:08 ----A---- C:\Windows\system32\netlogon.dll
2016-11-09 19:30:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-09 19:30:05 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-09 19:30:04 ----A---- C:\Windows\system32\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\atmlib.dll
2016-11-09 19:30:02 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-16 16:41:31 ----A---- C:\Windows\system32\appraiser.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\aeinv.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\acmigration.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\generaltel.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\devinv.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\aepic.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\centel.dll
2016-10-16 16:41:24 ----A---- C:\Windows\system32\shell32.dll
2016-10-16 16:41:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-16 16:41:20 ----A---- C:\Windows\system32\twinui.dll
2016-10-16 16:41:19 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-10-16 16:41:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-16 16:41:18 ----A---- C:\Windows\explorer.exe
2016-10-16 16:41:17 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2016-10-16 16:41:17 ----A---- C:\Windows\system32\RestoreOptIn.exe
2016-10-12 17:42:46 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-10-12 17:42:46 ----A---- C:\Windows\system32\actxprxy.dll
2016-10-12 17:42:45 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 17:42:44 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 17:42:39 ----A---- C:\Windows\system32\esent.dll
2016-10-12 17:42:38 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 17:42:35 ----A---- C:\Windows\system32\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 17:42:32 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 17:42:31 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 17:42:29 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 17:42:28 ----A---- C:\Windows\system32\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\wbengine.exe
2016-10-12 17:42:27 ----A---- C:\Windows\system32\GdiPlus.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 17:42:26 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-10-12 17:42:26 ----A---- C:\Windows\system32\winload.exe
2016-10-12 17:42:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\drivers\parport.sys
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-10-12 17:42:23 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\system32\drivers\tm.sys
2016-10-12 17:42:20 ----A---- C:\Windows\system32\winresume.exe
2016-10-12 17:42:20 ----A---- C:\Windows\system32\rastapi.dll
2016-10-12 17:42:19 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\serial.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 17:42:18 ----A---- C:\Windows\SYSWOW64\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 17:42:17 ----A---- C:\Windows\system32\drivers\serenum.sys
2016-10-12 17:42:11 ----A---- C:\Windows\system32\drivers\vwififlt.sys
======List of files/folders modified in the last 3 months======
2017-01-06 22:31:14 ----D---- C:\Windows\Prefetch
2017-01-06 22:31:05 ----D---- C:\Windows\Temp
2017-01-06 22:23:16 ----D---- C:\Windows\Microsoft.NET
2017-01-06 22:13:17 ----D---- C:\Windows\rescache
2017-01-06 22:12:18 ----RSD---- C:\Windows\assembly
2017-01-06 22:09:03 ----SHD---- C:\System Volume Information
2017-01-06 22:08:40 ----D---- C:\Windows\system32\sru
2017-01-06 21:56:50 ----D---- C:\Windows\system32\config
2017-01-06 21:50:04 ----RD---- C:\Windows\System32
2017-01-06 21:50:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-06 21:44:54 ----D---- C:\Windows\WinSxS
2017-01-06 21:44:51 ----D---- C:\Windows\SysWOW64
2017-01-06 21:44:21 ----D---- C:\Windows\system32\DriverStore
2017-01-06 21:44:04 ----D---- C:\Windows\Inf
2017-01-06 21:37:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-06 21:37:05 ----D---- C:\Windows\system32\wbem
2017-01-06 21:37:05 ----D---- C:\Windows\system32\oobe
2017-01-06 21:37:05 ----D---- C:\Windows\system32\drivers
2017-01-06 21:37:05 ----D---- C:\Windows\system32\cs-CZ
2017-01-06 21:34:35 ----HD---- C:\ProgramData
2017-01-06 21:29:16 ----D---- C:\Windows\AppReadiness
2017-01-06 21:29:15 ----HD---- C:\Program Files\WindowsApps
2017-01-06 21:23:33 ----D---- C:\Windows\CbsTemp
2017-01-06 21:18:16 ----D---- C:\Windows\system32\MRT
2017-01-06 21:18:09 ----AC---- C:\Windows\system32\MRT.exe
2017-01-06 20:29:18 ----D---- C:\Windows\system32\Tasks
2017-01-06 20:20:15 ----SHD---- C:\Windows\Installer
2017-01-06 20:19:46 ----D---- C:\Windows\system32\catroot2
2017-01-06 20:19:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-01-06 20:16:49 ----D---- C:\Program Files\Microsoft Office 15
2017-01-06 20:05:55 ----RD---- C:\Program Files
2017-01-02 22:01:43 ----D---- C:\Windows\Tasks
2017-01-02 19:47:02 ----D---- C:\Users\Věra\AppData\Roaming\vlc
2017-01-02 19:32:46 ----D---- C:\Program Files (x86)\Opera
2017-01-02 19:31:00 ----RD---- C:\Program Files (x86)
2016-11-09 23:52:25 ----RD---- C:\Windows\ToastData
2016-11-09 23:52:13 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:52:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:52:12 ----D---- C:\Windows\SYSWOW64\migration
2016-11-09 23:52:11 ----D---- C:\Windows\system32\migration
2016-10-28 02:22:26 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-17 15:54:19 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 15:54:19 ----D---- C:\Windows\system32\appraiser
2016-10-17 15:54:14 ----D---- C:\Windows
2016-10-16 17:33:53 ----D---- C:\Windows\Logs
2016-10-12 22:27:04 ----D---- C:\Windows\system32\Boot
2016-10-12 22:27:00 ----D---- C:\Windows\apppatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2014-10-10 241368]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vrvd5;vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [2015-12-25 13344]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dtlitescsibus;@oem67.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-08 30264]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-02-18 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-15 3837144]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-02-18 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem16.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-22 3379416]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem79.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 nmwcd;@oem68.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem72.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 rssasnt;rssasnt; \??\C:\Users\Public\Documents\RSupport\rcc50\rssas64.sys []
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem81.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-11-01 3042032]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-10-20 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-18 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
Run by Věra at 2017-01-06 22:31:07
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 115 GB (25%) free of 458 GB
Total RAM: 3982 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:31:14, on 6. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Věra.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9335 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 907993751776
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {9ac9bf1b-0e34-4596-a203d327f9c39848}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 1"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Věra\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x11c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --gpu-driver-date=1-20-2014 --mojo-application-channel-token=C689D4CA7D2D8514FE4957E3703309AB --mojo-platform-channel-handle=1108 --ignored=" --type=renderer " /prefetch:2
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNam
eMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=CD61E85C819257BA59BC5B9B3E18218B --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=CD61E85C819257BA59BC5B9B3E18218B --channel="2988.2.381352998\515719995" --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonN
ameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=DD1C13BC7961C59BCE4596C6766EB01D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=DD1C13BC7961C59BCE4596C6766EB01D --channel="2988.3.693628505\1969394099" --mojo-platform-channel-handle=4108 /prefetch:1
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
taskhost.exe $(Arg0)
taskhostex.exe Idle
taskhost.exe IdleSyncMaintenance
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Users\Věra\Downloads\RSITx64.exe"
taskeng.exe {5E5C0589-F6B3-4511-BEB8-A35703AA1340}
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVěra.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVěra (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-05 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-05 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-18 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-18 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-18 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-14 7510896]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2803440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-04-01 1092296]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-05-08 8322328]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-03-07 335232]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-02-18 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2017-01-06 21:30:14 ----D---- C:\AdwCleaner
2017-01-06 21:15:52 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2017-01-06 21:15:51 ----A---- C:\Windows\system32\aspnet_counters.dll
2017-01-06 21:15:35 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2017-01-06 21:15:35 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2017-01-06 21:15:28 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2017-01-06 21:15:28 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2017-01-06 20:27:40 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2017-01-06 20:27:40 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\Windows.Globalization.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\mshtml.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\GlobCollationHost.dll
2017-01-06 20:27:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-06 20:27:37 ----A---- C:\Windows\system32\ieframe.dll
2017-01-06 20:27:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-06 20:27:34 ----A---- C:\Windows\system32\jscript9.dll
2017-01-06 20:27:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-06 20:27:32 ----A---- C:\Windows\system32\win32k.sys
2017-01-06 20:27:31 ----A---- C:\Windows\system32\rdpcorets.dll
2017-01-06 20:27:29 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\wininet.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\msi.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-01-06 20:27:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-06 20:27:27 ----A---- C:\Windows\system32\authui.dll
2017-01-06 20:27:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-06 20:27:26 ----A---- C:\Windows\system32\crypt32.dll
2017-01-06 20:27:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-06 20:27:25 ----A---- C:\Windows\system32\drivers\http.sys
2017-01-06 20:27:25 ----A---- C:\Windows\system32\drivers\cmimcext.sys
2017-01-06 20:27:24 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-01-06 20:27:24 ----A---- C:\Windows\system32\gdi32.dll
2017-01-06 20:27:24 ----A---- C:\Windows\system32\drivers\refs.sys
2017-01-06 20:27:24 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\wintrust.dll
2017-01-06 20:27:23 ----A---- C:\Windows\system32\drivers\spaceport.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\drivers\clfs.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\dnsapi.dll
2017-01-06 20:27:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-06 20:27:22 ----A---- C:\Windows\system32\user32.dll
2017-01-06 20:27:22 ----A---- C:\Windows\system32\drivers\storport.sys
2017-01-06 20:27:22 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-06 20:27:21 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\TpmTasks.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\shsetup.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\d3d10level9.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\ActionQueue.dll
2017-01-06 20:27:20 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-06 20:27:20 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2017-01-06 20:27:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-06 20:27:19 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-06 20:27:18 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-06 20:27:17 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-06 20:27:17 ----A---- C:\Windows\system32\urlmon.dll
2017-01-06 20:27:16 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-06 20:27:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-06 20:27:16 ----A---- C:\Windows\system32\certcli.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\vbscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\jscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-06 20:27:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-06 20:27:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-06 20:05:55 ----D---- C:\rsit
2017-01-06 20:05:55 ----D---- C:\Program Files\trend micro
2017-01-02 19:31:00 ----D---- C:\Program Files (x86)\GUME232.tmp
2017-01-02 19:31:00 ----A---- C:\Program Files (x86)\GUTE243.tmp
2016-11-13 13:19:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-09 19:30:44 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-09 19:30:42 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-09 19:30:41 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-09 19:30:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-09 19:30:40 ----A---- C:\Windows\system32\iertutil.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\ole32.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-09 19:30:37 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\win32spl.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-11-09 19:30:34 ----A---- C:\Windows\system32\vmrdvcore.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\msdtcprx.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\msctf.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\mfsvr.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\pdh.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-09 19:30:31 ----A---- C:\Windows\system32\atmfd.dll
2016-11-09 19:30:30 ----A---- C:\Windows\SYSWOW64\pdh.dll
2016-11-09 19:30:30 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-09 19:30:30 ----A---- C:\Windows\system32\DafPrintProvider.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-11-09 19:30:29 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\localspl.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\iscsiexe.dll
2016-11-09 19:30:26 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\iscsiwmi.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-09 19:30:25 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-09 19:30:23 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\xolehlp.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\dab.dll
2016-11-09 19:30:21 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-09 19:30:20 ----A---- C:\Windows\system32\input.dll
2016-11-09 19:30:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-09 19:30:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-09 19:30:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-09 19:30:14 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2016-11-09 19:30:14 ----A---- C:\Windows\system32\webcheck.dll
2016-11-09 19:30:12 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-09 19:30:08 ----A---- C:\Windows\system32\netlogon.dll
2016-11-09 19:30:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-09 19:30:05 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-09 19:30:04 ----A---- C:\Windows\system32\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\atmlib.dll
2016-11-09 19:30:02 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-16 16:41:31 ----A---- C:\Windows\system32\appraiser.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\aeinv.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\acmigration.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\generaltel.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\devinv.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\aepic.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\centel.dll
2016-10-16 16:41:24 ----A---- C:\Windows\system32\shell32.dll
2016-10-16 16:41:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-16 16:41:20 ----A---- C:\Windows\system32\twinui.dll
2016-10-16 16:41:19 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-10-16 16:41:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-16 16:41:18 ----A---- C:\Windows\explorer.exe
2016-10-16 16:41:17 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2016-10-16 16:41:17 ----A---- C:\Windows\system32\RestoreOptIn.exe
2016-10-12 17:42:46 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-10-12 17:42:46 ----A---- C:\Windows\system32\actxprxy.dll
2016-10-12 17:42:45 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 17:42:44 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 17:42:39 ----A---- C:\Windows\system32\esent.dll
2016-10-12 17:42:38 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 17:42:35 ----A---- C:\Windows\system32\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 17:42:32 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 17:42:31 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 17:42:29 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 17:42:28 ----A---- C:\Windows\system32\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\wbengine.exe
2016-10-12 17:42:27 ----A---- C:\Windows\system32\GdiPlus.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 17:42:26 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-10-12 17:42:26 ----A---- C:\Windows\system32\winload.exe
2016-10-12 17:42:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\drivers\parport.sys
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-10-12 17:42:23 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\system32\drivers\tm.sys
2016-10-12 17:42:20 ----A---- C:\Windows\system32\winresume.exe
2016-10-12 17:42:20 ----A---- C:\Windows\system32\rastapi.dll
2016-10-12 17:42:19 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\serial.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 17:42:18 ----A---- C:\Windows\SYSWOW64\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 17:42:17 ----A---- C:\Windows\system32\drivers\serenum.sys
2016-10-12 17:42:11 ----A---- C:\Windows\system32\drivers\vwififlt.sys
======List of files/folders modified in the last 3 months======
2017-01-06 22:31:14 ----D---- C:\Windows\Prefetch
2017-01-06 22:31:05 ----D---- C:\Windows\Temp
2017-01-06 22:23:16 ----D---- C:\Windows\Microsoft.NET
2017-01-06 22:13:17 ----D---- C:\Windows\rescache
2017-01-06 22:12:18 ----RSD---- C:\Windows\assembly
2017-01-06 22:09:03 ----SHD---- C:\System Volume Information
2017-01-06 22:08:40 ----D---- C:\Windows\system32\sru
2017-01-06 21:56:50 ----D---- C:\Windows\system32\config
2017-01-06 21:50:04 ----RD---- C:\Windows\System32
2017-01-06 21:50:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-06 21:44:54 ----D---- C:\Windows\WinSxS
2017-01-06 21:44:51 ----D---- C:\Windows\SysWOW64
2017-01-06 21:44:21 ----D---- C:\Windows\system32\DriverStore
2017-01-06 21:44:04 ----D---- C:\Windows\Inf
2017-01-06 21:37:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-06 21:37:05 ----D---- C:\Windows\system32\wbem
2017-01-06 21:37:05 ----D---- C:\Windows\system32\oobe
2017-01-06 21:37:05 ----D---- C:\Windows\system32\drivers
2017-01-06 21:37:05 ----D---- C:\Windows\system32\cs-CZ
2017-01-06 21:34:35 ----HD---- C:\ProgramData
2017-01-06 21:29:16 ----D---- C:\Windows\AppReadiness
2017-01-06 21:29:15 ----HD---- C:\Program Files\WindowsApps
2017-01-06 21:23:33 ----D---- C:\Windows\CbsTemp
2017-01-06 21:18:16 ----D---- C:\Windows\system32\MRT
2017-01-06 21:18:09 ----AC---- C:\Windows\system32\MRT.exe
2017-01-06 20:29:18 ----D---- C:\Windows\system32\Tasks
2017-01-06 20:20:15 ----SHD---- C:\Windows\Installer
2017-01-06 20:19:46 ----D---- C:\Windows\system32\catroot2
2017-01-06 20:19:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-01-06 20:16:49 ----D---- C:\Program Files\Microsoft Office 15
2017-01-06 20:05:55 ----RD---- C:\Program Files
2017-01-02 22:01:43 ----D---- C:\Windows\Tasks
2017-01-02 19:47:02 ----D---- C:\Users\Věra\AppData\Roaming\vlc
2017-01-02 19:32:46 ----D---- C:\Program Files (x86)\Opera
2017-01-02 19:31:00 ----RD---- C:\Program Files (x86)
2016-11-09 23:52:25 ----RD---- C:\Windows\ToastData
2016-11-09 23:52:13 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:52:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:52:12 ----D---- C:\Windows\SYSWOW64\migration
2016-11-09 23:52:11 ----D---- C:\Windows\system32\migration
2016-10-28 02:22:26 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-17 15:54:19 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 15:54:19 ----D---- C:\Windows\system32\appraiser
2016-10-17 15:54:14 ----D---- C:\Windows
2016-10-16 17:33:53 ----D---- C:\Windows\Logs
2016-10-12 22:27:04 ----D---- C:\Windows\system32\Boot
2016-10-12 22:27:00 ----D---- C:\Windows\apppatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2014-10-10 241368]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vrvd5;vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [2015-12-25 13344]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dtlitescsibus;@oem67.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-08 30264]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-02-18 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-15 3837144]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-02-18 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem16.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-22 3379416]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem79.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 nmwcd;@oem68.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem72.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 rssasnt;rssasnt; \??\C:\Users\Public\Documents\RSupport\rcc50\rssas64.sys []
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem81.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-11-01 3042032]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-10-20 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-18 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Very slow PC
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Very slow PC
Logfile of random's system information tool 1.10 (written by random/random)
Run by Věra at 2017-01-08 23:14:58
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 115 GB (25%) free of 458 GB
Total RAM: 3982 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:15:05, on 8. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Věra.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9123 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 957633540896
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {c6aa1cfb-a79b-41c8-ae1209db31ce1dc6}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskhostex.exe
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 1"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Věra\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x120
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMis
matchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --gpu-driver-date=1-20-2014 --mojo-application-channel-token=D08F8E3E9433729A39FED7133C223111 --mojo-platform-channel-handle=1124 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonName
MismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=A4F128E7E86F82AC75876E1262CEAC23 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=A4F128E7E86F82AC75876E1262CEAC23 --channel="3892.0.791330368\269771957" --mojo-platform-channel-handle=2024 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNam
eMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=91850B9E26D50A23445D912ECDE4A7D9 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=91850B9E26D50A23445D912ECDE4A7D9 --channel="3892.2.78254179\897797131" --mojo-platform-channel-handle=2536 /prefetch:1
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe"
"C:\Users\Věra\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\HPCeeScheduleForVěra.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVěra (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-05 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-05 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-18 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-18 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-18 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-14 7510896]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2803440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-04-01 1092296]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-05-08 8322328]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-02-18 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2017-01-08 23:10:54 ----D---- C:\_OTM
2017-01-06 21:30:14 ----D---- C:\AdwCleaner
2017-01-06 21:15:52 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2017-01-06 21:15:51 ----A---- C:\Windows\system32\aspnet_counters.dll
2017-01-06 21:15:35 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2017-01-06 21:15:35 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2017-01-06 21:15:28 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2017-01-06 21:15:28 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2017-01-06 20:27:40 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2017-01-06 20:27:40 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\Windows.Globalization.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\mshtml.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\GlobCollationHost.dll
2017-01-06 20:27:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-06 20:27:37 ----A---- C:\Windows\system32\ieframe.dll
2017-01-06 20:27:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-06 20:27:34 ----A---- C:\Windows\system32\jscript9.dll
2017-01-06 20:27:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-06 20:27:32 ----A---- C:\Windows\system32\win32k.sys
2017-01-06 20:27:31 ----A---- C:\Windows\system32\rdpcorets.dll
2017-01-06 20:27:29 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\wininet.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\msi.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-01-06 20:27:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-06 20:27:27 ----A---- C:\Windows\system32\authui.dll
2017-01-06 20:27:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-06 20:27:26 ----A---- C:\Windows\system32\crypt32.dll
2017-01-06 20:27:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-06 20:27:25 ----A---- C:\Windows\system32\drivers\http.sys
2017-01-06 20:27:25 ----A---- C:\Windows\system32\drivers\cmimcext.sys
2017-01-06 20:27:24 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-01-06 20:27:24 ----A---- C:\Windows\system32\gdi32.dll
2017-01-06 20:27:24 ----A---- C:\Windows\system32\drivers\refs.sys
2017-01-06 20:27:24 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\wintrust.dll
2017-01-06 20:27:23 ----A---- C:\Windows\system32\drivers\spaceport.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\drivers\clfs.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\dnsapi.dll
2017-01-06 20:27:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-06 20:27:22 ----A---- C:\Windows\system32\user32.dll
2017-01-06 20:27:22 ----A---- C:\Windows\system32\drivers\storport.sys
2017-01-06 20:27:22 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-06 20:27:21 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\TpmTasks.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\shsetup.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\d3d10level9.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\ActionQueue.dll
2017-01-06 20:27:20 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-06 20:27:20 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2017-01-06 20:27:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-06 20:27:19 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-06 20:27:18 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-06 20:27:17 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-06 20:27:17 ----A---- C:\Windows\system32\urlmon.dll
2017-01-06 20:27:16 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-06 20:27:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-06 20:27:16 ----A---- C:\Windows\system32\certcli.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\vbscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\jscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-06 20:27:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-06 20:27:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-06 20:05:55 ----D---- C:\rsit
2017-01-06 20:05:55 ----D---- C:\Program Files\trend micro
2017-01-02 19:31:00 ----D---- C:\Program Files (x86)\GUME232.tmp
2017-01-02 19:31:00 ----A---- C:\Program Files (x86)\GUTE243.tmp
2016-11-13 13:19:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-09 19:30:44 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-09 19:30:42 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-09 19:30:41 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-09 19:30:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-09 19:30:40 ----A---- C:\Windows\system32\iertutil.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\ole32.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-09 19:30:37 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\win32spl.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-11-09 19:30:34 ----A---- C:\Windows\system32\vmrdvcore.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\msdtcprx.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\msctf.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\mfsvr.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\pdh.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-09 19:30:31 ----A---- C:\Windows\system32\atmfd.dll
2016-11-09 19:30:30 ----A---- C:\Windows\SYSWOW64\pdh.dll
2016-11-09 19:30:30 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-09 19:30:30 ----A---- C:\Windows\system32\DafPrintProvider.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-11-09 19:30:29 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\localspl.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\iscsiexe.dll
2016-11-09 19:30:26 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\iscsiwmi.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-09 19:30:25 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-09 19:30:23 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\xolehlp.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\dab.dll
2016-11-09 19:30:21 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-09 19:30:20 ----A---- C:\Windows\system32\input.dll
2016-11-09 19:30:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-09 19:30:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-09 19:30:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-09 19:30:14 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2016-11-09 19:30:14 ----A---- C:\Windows\system32\webcheck.dll
2016-11-09 19:30:12 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-09 19:30:08 ----A---- C:\Windows\system32\netlogon.dll
2016-11-09 19:30:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-09 19:30:05 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-09 19:30:04 ----A---- C:\Windows\system32\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\atmlib.dll
2016-11-09 19:30:02 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-16 16:41:31 ----A---- C:\Windows\system32\appraiser.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\aeinv.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\acmigration.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\generaltel.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\devinv.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\aepic.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\centel.dll
2016-10-16 16:41:24 ----A---- C:\Windows\system32\shell32.dll
2016-10-16 16:41:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-16 16:41:20 ----A---- C:\Windows\system32\twinui.dll
2016-10-16 16:41:19 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-10-16 16:41:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-16 16:41:18 ----A---- C:\Windows\explorer.exe
2016-10-16 16:41:17 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2016-10-16 16:41:17 ----A---- C:\Windows\system32\RestoreOptIn.exe
2016-10-12 17:42:46 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-10-12 17:42:46 ----A---- C:\Windows\system32\actxprxy.dll
2016-10-12 17:42:45 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 17:42:44 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 17:42:39 ----A---- C:\Windows\system32\esent.dll
2016-10-12 17:42:38 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 17:42:35 ----A---- C:\Windows\system32\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 17:42:32 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 17:42:31 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 17:42:29 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 17:42:28 ----A---- C:\Windows\system32\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\wbengine.exe
2016-10-12 17:42:27 ----A---- C:\Windows\system32\GdiPlus.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 17:42:26 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-10-12 17:42:26 ----A---- C:\Windows\system32\winload.exe
2016-10-12 17:42:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\drivers\parport.sys
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-10-12 17:42:23 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\system32\drivers\tm.sys
2016-10-12 17:42:20 ----A---- C:\Windows\system32\winresume.exe
2016-10-12 17:42:20 ----A---- C:\Windows\system32\rastapi.dll
2016-10-12 17:42:19 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\serial.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 17:42:18 ----A---- C:\Windows\SYSWOW64\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 17:42:17 ----A---- C:\Windows\system32\drivers\serenum.sys
2016-10-12 17:42:11 ----A---- C:\Windows\system32\drivers\vwififlt.sys
======List of files/folders modified in the last 3 months======
2017-01-08 23:15:05 ----D---- C:\Windows\Temp
2017-01-08 23:15:04 ----D---- C:\Windows\Prefetch
2017-01-08 23:10:54 ----D---- C:\Windows\Tasks
2017-01-08 23:06:14 ----D---- C:\Windows\system32\sru
2017-01-06 22:23:16 ----D---- C:\Windows\Microsoft.NET
2017-01-06 22:13:17 ----D---- C:\Windows\rescache
2017-01-06 22:12:18 ----RSD---- C:\Windows\assembly
2017-01-06 22:09:03 ----SHD---- C:\System Volume Information
2017-01-06 21:56:50 ----D---- C:\Windows\system32\config
2017-01-06 21:50:04 ----RD---- C:\Windows\System32
2017-01-06 21:50:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-06 21:44:54 ----D---- C:\Windows\WinSxS
2017-01-06 21:44:51 ----D---- C:\Windows\SysWOW64
2017-01-06 21:44:21 ----D---- C:\Windows\system32\DriverStore
2017-01-06 21:44:04 ----D---- C:\Windows\Inf
2017-01-06 21:37:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-06 21:37:05 ----D---- C:\Windows\system32\wbem
2017-01-06 21:37:05 ----D---- C:\Windows\system32\oobe
2017-01-06 21:37:05 ----D---- C:\Windows\system32\drivers
2017-01-06 21:37:05 ----D---- C:\Windows\system32\cs-CZ
2017-01-06 21:34:35 ----HD---- C:\ProgramData
2017-01-06 21:29:16 ----D---- C:\Windows\AppReadiness
2017-01-06 21:29:15 ----HD---- C:\Program Files\WindowsApps
2017-01-06 21:23:33 ----D---- C:\Windows\CbsTemp
2017-01-06 21:23:32 ----D---- C:\Windows\system32\MRT
2017-01-06 21:18:09 ----AC---- C:\Windows\system32\MRT.exe
2017-01-06 20:29:18 ----D---- C:\Windows\system32\Tasks
2017-01-06 20:20:15 ----SHD---- C:\Windows\Installer
2017-01-06 20:19:46 ----D---- C:\Windows\system32\catroot2
2017-01-06 20:19:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-01-06 20:16:49 ----D---- C:\Program Files\Microsoft Office 15
2017-01-06 20:05:55 ----RD---- C:\Program Files
2017-01-02 19:47:02 ----D---- C:\Users\Věra\AppData\Roaming\vlc
2017-01-02 19:32:46 ----D---- C:\Program Files (x86)\Opera
2017-01-02 19:31:00 ----RD---- C:\Program Files (x86)
2016-11-09 23:52:25 ----RD---- C:\Windows\ToastData
2016-11-09 23:52:13 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:52:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:52:12 ----D---- C:\Windows\SYSWOW64\migration
2016-11-09 23:52:11 ----D---- C:\Windows\system32\migration
2016-10-28 02:22:26 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-17 15:54:19 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 15:54:19 ----D---- C:\Windows\system32\appraiser
2016-10-17 15:54:14 ----D---- C:\Windows
2016-10-16 17:33:53 ----D---- C:\Windows\Logs
2016-10-12 22:27:04 ----D---- C:\Windows\system32\Boot
2016-10-12 22:27:00 ----D---- C:\Windows\apppatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2014-10-10 241368]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vrvd5;vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [2015-12-25 13344]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dtlitescsibus;@oem67.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-08 30264]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-02-18 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-15 3837144]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-02-18 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem16.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-22 3379416]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem79.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 nmwcd;@oem68.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem72.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 rssasnt;rssasnt; \??\C:\Users\Public\Documents\RSupport\rcc50\rssas64.sys []
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem81.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-11-01 3042032]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-10-20 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-18 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
Run by Věra at 2017-01-08 23:14:58
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 115 GB (25%) free of 458 GB
Total RAM: 3982 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:15:05, on 8. 1. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Věra.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9123 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 957633540896
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {c6aa1cfb-a79b-41c8-ae1209db31ce1dc6}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskhostex.exe
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 1"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Věra\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x120
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMis
matchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,15,16,17,20,34,51,60 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --gpu-driver-date=1-20-2014 --mojo-application-channel-token=D08F8E3E9433729A39FED7133C223111 --mojo-platform-channel-handle=1124 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonName
MismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=A4F128E7E86F82AC75876E1262CEAC23 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=A4F128E7E86F82AC75876E1262CEAC23 --channel="3892.0.791330368\269771957" --mojo-platform-channel-handle=2024 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*MediaFoundationH264Encoding<MediaFoundationH264Encoding,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Default/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/PreconnectMore/Default/*QUIC/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNam
eMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_67/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=91850B9E26D50A23445D912ECDE4A7D9 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=91850B9E26D50A23445D912ECDE4A7D9 --channel="3892.2.78254179\897797131" --mojo-platform-channel-handle=2536 /prefetch:1
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe"
"C:\Users\Věra\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\HPCeeScheduleForVěra.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVěra (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-05 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-05 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-18 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-18 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-18 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-14 7510896]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2803440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-04-01 1092296]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-05-08 8322328]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-02-18 624640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2017-01-08 23:10:54 ----D---- C:\_OTM
2017-01-06 21:30:14 ----D---- C:\AdwCleaner
2017-01-06 21:15:52 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2017-01-06 21:15:51 ----A---- C:\Windows\system32\aspnet_counters.dll
2017-01-06 21:15:35 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2017-01-06 21:15:35 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2017-01-06 21:15:28 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2017-01-06 21:15:28 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2017-01-06 20:27:40 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2017-01-06 20:27:40 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\Windows.Globalization.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\mshtml.dll
2017-01-06 20:27:40 ----A---- C:\Windows\system32\GlobCollationHost.dll
2017-01-06 20:27:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-06 20:27:37 ----A---- C:\Windows\system32\ieframe.dll
2017-01-06 20:27:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-06 20:27:34 ----A---- C:\Windows\system32\jscript9.dll
2017-01-06 20:27:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-06 20:27:32 ----A---- C:\Windows\system32\win32k.sys
2017-01-06 20:27:31 ----A---- C:\Windows\system32\rdpcorets.dll
2017-01-06 20:27:29 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\wininet.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\msi.dll
2017-01-06 20:27:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-01-06 20:27:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-06 20:27:27 ----A---- C:\Windows\system32\authui.dll
2017-01-06 20:27:26 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-06 20:27:26 ----A---- C:\Windows\system32\crypt32.dll
2017-01-06 20:27:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-06 20:27:25 ----A---- C:\Windows\system32\drivers\http.sys
2017-01-06 20:27:25 ----A---- C:\Windows\system32\drivers\cmimcext.sys
2017-01-06 20:27:24 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-01-06 20:27:24 ----A---- C:\Windows\system32\gdi32.dll
2017-01-06 20:27:24 ----A---- C:\Windows\system32\drivers\refs.sys
2017-01-06 20:27:24 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\wintrust.dll
2017-01-06 20:27:23 ----A---- C:\Windows\system32\drivers\spaceport.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\drivers\clfs.sys
2017-01-06 20:27:23 ----A---- C:\Windows\system32\dnsapi.dll
2017-01-06 20:27:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-06 20:27:22 ----A---- C:\Windows\system32\user32.dll
2017-01-06 20:27:22 ----A---- C:\Windows\system32\drivers\storport.sys
2017-01-06 20:27:22 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-06 20:27:21 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\TpmTasks.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\shsetup.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\d3d10level9.dll
2017-01-06 20:27:21 ----A---- C:\Windows\system32\ActionQueue.dll
2017-01-06 20:27:20 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-06 20:27:20 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2017-01-06 20:27:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-06 20:27:19 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-06 20:27:18 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-06 20:27:17 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-06 20:27:17 ----A---- C:\Windows\system32\urlmon.dll
2017-01-06 20:27:16 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-06 20:27:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-06 20:27:16 ----A---- C:\Windows\system32\certcli.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\vbscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\jscript.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-06 20:27:14 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-06 20:27:13 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-06 20:27:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-06 20:05:55 ----D---- C:\rsit
2017-01-06 20:05:55 ----D---- C:\Program Files\trend micro
2017-01-02 19:31:00 ----D---- C:\Program Files (x86)\GUME232.tmp
2017-01-02 19:31:00 ----A---- C:\Program Files (x86)\GUTE243.tmp
2016-11-13 13:19:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-09 19:30:44 ----A---- C:\Windows\system32\diagtrack.dll
2016-11-09 19:30:42 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-09 19:30:41 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-09 19:30:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-09 19:30:40 ----A---- C:\Windows\system32\iertutil.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\ole32.dll
2016-11-09 19:30:39 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-09 19:30:37 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\win32spl.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\SessEnv.dll
2016-11-09 19:30:35 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-11-09 19:30:34 ----A---- C:\Windows\system32\vmrdvcore.dll
2016-11-09 19:30:34 ----A---- C:\Windows\system32\msdtcprx.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\msctf.dll
2016-11-09 19:30:33 ----A---- C:\Windows\system32\mfsvr.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\pdh.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-09 19:30:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-09 19:30:31 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-09 19:30:31 ----A---- C:\Windows\system32\atmfd.dll
2016-11-09 19:30:30 ----A---- C:\Windows\SYSWOW64\pdh.dll
2016-11-09 19:30:30 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-09 19:30:30 ----A---- C:\Windows\system32\DafPrintProvider.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-09 19:30:29 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-11-09 19:30:29 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-09 19:30:28 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\localspl.dll
2016-11-09 19:30:27 ----A---- C:\Windows\system32\iscsiexe.dll
2016-11-09 19:30:26 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 19:30:26 ----A---- C:\Windows\system32\iscsiwmi.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-11-09 19:30:25 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-09 19:30:25 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-09 19:30:23 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\xolehlp.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\iscsidsc.dll
2016-11-09 19:30:23 ----A---- C:\Windows\system32\dab.dll
2016-11-09 19:30:21 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-09 19:30:20 ----A---- C:\Windows\system32\input.dll
2016-11-09 19:30:17 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-09 19:30:17 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-09 19:30:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-09 19:30:14 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2016-11-09 19:30:14 ----A---- C:\Windows\system32\webcheck.dll
2016-11-09 19:30:12 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-09 19:30:08 ----A---- C:\Windows\system32\netlogon.dll
2016-11-09 19:30:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-09 19:30:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-09 19:30:05 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-09 19:30:04 ----A---- C:\Windows\system32\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-11-09 19:30:03 ----A---- C:\Windows\system32\atmlib.dll
2016-11-09 19:30:02 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-16 16:41:31 ----A---- C:\Windows\system32\appraiser.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\aeinv.dll
2016-10-16 16:41:31 ----A---- C:\Windows\system32\acmigration.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\generaltel.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\devinv.dll
2016-10-16 16:41:30 ----A---- C:\Windows\system32\aepic.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\invagent.dll
2016-10-16 16:41:29 ----A---- C:\Windows\system32\centel.dll
2016-10-16 16:41:24 ----A---- C:\Windows\system32\shell32.dll
2016-10-16 16:41:22 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-16 16:41:20 ----A---- C:\Windows\system32\twinui.dll
2016-10-16 16:41:19 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-10-16 16:41:18 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-16 16:41:18 ----A---- C:\Windows\explorer.exe
2016-10-16 16:41:17 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2016-10-16 16:41:17 ----A---- C:\Windows\system32\RestoreOptIn.exe
2016-10-12 17:42:46 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-10-12 17:42:46 ----A---- C:\Windows\system32\actxprxy.dll
2016-10-12 17:42:45 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 17:42:44 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 17:42:39 ----A---- C:\Windows\system32\esent.dll
2016-10-12 17:42:38 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-12 17:42:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 17:42:35 ----A---- C:\Windows\system32\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2016-10-12 17:42:34 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 17:42:32 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2016-10-12 17:42:31 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 17:42:29 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 17:42:28 ----A---- C:\Windows\system32\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\wbengine.exe
2016-10-12 17:42:27 ----A---- C:\Windows\system32\GdiPlus.dll
2016-10-12 17:42:27 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 17:42:26 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-10-12 17:42:26 ----A---- C:\Windows\system32\winload.exe
2016-10-12 17:42:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 17:42:25 ----A---- C:\Windows\system32\drivers\parport.sys
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2016-10-12 17:42:23 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2016-10-12 17:42:23 ----A---- C:\Windows\system32\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2016-10-12 17:42:21 ----A---- C:\Windows\system32\drivers\tm.sys
2016-10-12 17:42:20 ----A---- C:\Windows\system32\winresume.exe
2016-10-12 17:42:20 ----A---- C:\Windows\system32\rastapi.dll
2016-10-12 17:42:19 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\drivers\serial.sys
2016-10-12 17:42:19 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 17:42:18 ----A---- C:\Windows\SYSWOW64\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\offreg.dll
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2016-10-12 17:42:18 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 17:42:17 ----A---- C:\Windows\system32\drivers\serenum.sys
2016-10-12 17:42:11 ----A---- C:\Windows\system32\drivers\vwififlt.sys
======List of files/folders modified in the last 3 months======
2017-01-08 23:15:05 ----D---- C:\Windows\Temp
2017-01-08 23:15:04 ----D---- C:\Windows\Prefetch
2017-01-08 23:10:54 ----D---- C:\Windows\Tasks
2017-01-08 23:06:14 ----D---- C:\Windows\system32\sru
2017-01-06 22:23:16 ----D---- C:\Windows\Microsoft.NET
2017-01-06 22:13:17 ----D---- C:\Windows\rescache
2017-01-06 22:12:18 ----RSD---- C:\Windows\assembly
2017-01-06 22:09:03 ----SHD---- C:\System Volume Information
2017-01-06 21:56:50 ----D---- C:\Windows\system32\config
2017-01-06 21:50:04 ----RD---- C:\Windows\System32
2017-01-06 21:50:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-06 21:44:54 ----D---- C:\Windows\WinSxS
2017-01-06 21:44:51 ----D---- C:\Windows\SysWOW64
2017-01-06 21:44:21 ----D---- C:\Windows\system32\DriverStore
2017-01-06 21:44:04 ----D---- C:\Windows\Inf
2017-01-06 21:37:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-06 21:37:05 ----D---- C:\Windows\system32\wbem
2017-01-06 21:37:05 ----D---- C:\Windows\system32\oobe
2017-01-06 21:37:05 ----D---- C:\Windows\system32\drivers
2017-01-06 21:37:05 ----D---- C:\Windows\system32\cs-CZ
2017-01-06 21:34:35 ----HD---- C:\ProgramData
2017-01-06 21:29:16 ----D---- C:\Windows\AppReadiness
2017-01-06 21:29:15 ----HD---- C:\Program Files\WindowsApps
2017-01-06 21:23:33 ----D---- C:\Windows\CbsTemp
2017-01-06 21:23:32 ----D---- C:\Windows\system32\MRT
2017-01-06 21:18:09 ----AC---- C:\Windows\system32\MRT.exe
2017-01-06 20:29:18 ----D---- C:\Windows\system32\Tasks
2017-01-06 20:20:15 ----SHD---- C:\Windows\Installer
2017-01-06 20:19:46 ----D---- C:\Windows\system32\catroot2
2017-01-06 20:19:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-01-06 20:16:49 ----D---- C:\Program Files\Microsoft Office 15
2017-01-06 20:05:55 ----RD---- C:\Program Files
2017-01-02 19:47:02 ----D---- C:\Users\Věra\AppData\Roaming\vlc
2017-01-02 19:32:46 ----D---- C:\Program Files (x86)\Opera
2017-01-02 19:31:00 ----RD---- C:\Program Files (x86)
2016-11-09 23:52:25 ----RD---- C:\Windows\ToastData
2016-11-09 23:52:13 ----D---- C:\Program Files\Internet Explorer
2016-11-09 23:52:13 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 23:52:12 ----D---- C:\Windows\SYSWOW64\migration
2016-11-09 23:52:11 ----D---- C:\Windows\system32\migration
2016-10-28 02:22:26 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-17 15:54:19 ----SD---- C:\Windows\system32\CompatTel
2016-10-17 15:54:19 ----D---- C:\Windows\system32\appraiser
2016-10-17 15:54:14 ----D---- C:\Windows
2016-10-16 17:33:53 ----D---- C:\Windows\Logs
2016-10-12 22:27:04 ----D---- C:\Windows\system32\Boot
2016-10-12 22:27:00 ----D---- C:\Windows\apppatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2014-10-10 241368]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vrvd5;vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [2015-12-25 13344]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dtlitescsibus;@oem67.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-07-08 30264]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-02-18 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-15 3837144]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-02-18 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem16.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-22 3379416]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem79.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 nmwcd;@oem68.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem72.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 rssasnt;rssasnt; \??\C:\Users\Public\Documents\RSupport\rcc50\rssas64.sys []
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem81.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-11-01 3042032]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-10-20 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-18 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Very slow PC
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Very slow PC
It's still no speed demon, but it is somewhat better.
The laptop belongs to my mom, so I can't really judge how significant the change is.
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Very slow PC
Also run a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log; don't delete anything beforehand.
Re: Very slow PC
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 09.01.17
Čas skenování: 20:53
Logovací soubor: mb.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.5.1299
Verze komponentů: 1.0.43
Aktualizovat verzi balíku komponent: 1.0.962
Licence: Zkušební
-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: RUNKA\V\u00c4\u009bra
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 353519
Uplynulý čas: 13 min, 35 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 2
PUP.Optional.Carambis, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Driver Updater, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, HKU\S-1-5-21-3609973133-1476983453-1870249020-1001\SOFTWARE\CARAMBIS\Driver Updater, Žádná uživatelská akce, [2330], [351310],1.0.962
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 14
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\crashereports, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data\lang, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\drivers, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\License, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\temp, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\USERS\V\u00c4\u009bRA\APPDATA\ROAMING\Carambis\Driver Updater, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\imageformats, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\Win32, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\x64, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\PROGRAM FILES (X86)\CARAMBIS\DRIVER UPDATER, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\CARAMBIS\DRIVER UPDATER, Žádná uživatelská akce, [2330], [351670],1.0.962
PUP.Optional.RazorWeb, C:\Users\V\u00c4\u009bra\AppData\Roaming\Opera Software\Opera Stable\Extensions\moegpkkihomibfjeklojmdllpodpicmg\1.0.5664.30385_0, Žádná uživatelská akce, [8810], [301967],1.0.962
PUP.Optional.RazorWeb, C:\USERS\V\u00c4\u009bRA\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSIONS\MOEGPKKIHOMIBFJEKLOJMDLLPODPICMG, Žádná uživatelská akce, [8810], [301967],1.0.962
Soubor: 36
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data\lang\crashrpt_lang_DE.ini, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data\lang\crashrpt_lang_EN.ini, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data\lang\crashrpt_lang_ES.ini, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data\lang\crashrpt_lang_FR.ini, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data\lang\crashrpt_lang_IT.ini, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data\lang\crashrpt_lang_JP.ini, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\data\lang\crashrpt_lang_RU.ini, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\log.txt, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\Users\V\u00c4\u009bra\AppData\Roaming\Carambis\Driver Updater\settings.dat, Žádná uživatelská akce, [2330], [351300],1.0.962
PUP.Optional.Carambis, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\DRIVER UPDATER.LNK, Žádná uživatelská akce, [2330], [351672],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\imageformats\qico4.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\Win32\Installer.exe, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\x64\Installer.exe, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\CrashRpt.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\CrashSender.exe, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\dbghelp.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\htmlayout.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\libcurl.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\QtCore4.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\QtGui4.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\QtNetwork4.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\QtXml4.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\sqlite3.dll, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\Program Files (x86)\Carambis\Driver Updater\uninstall.exe, Žádná uživatelská akce, [2330], [351295],1.0.962
PUP.Optional.Carambis, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis\Driver Updater\Driver Updater.lnk, Žádná uživatelská akce, [2330], [351670],1.0.962
PUP.Optional.Carambis, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis\Driver Updater\Uninstall.lnk, Žádná uživatelská akce, [2330], [351670],1.0.962
PUP.Optional.APNToolBar, C:\USERS\V\u00c4\u009bRA\DESKTOP\DRIVERINSTALL.EXE, Žádná uživatelská akce, [8362], [76243],1.0.962
PUP.Optional.Carambis, C:\USERS\PUBLIC\DESKTOP\DRIVER UPDATER.LNK, Žádná uživatelská akce, [2330], [351666],1.0.962
PUP.Optional.RazorWeb, C:\USERS\V\u00c4\u009bRA\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSIONS\MOEGPKKIHOMIBFJEKLOJMDLLPODPICMG\1.0.5664.30385_0\MANIFEST.JSON, Žádná uživatelská akce, [8810], [301967],1.0.962
PUP.Optional.RazorWeb, C:\Users\V\u00c4\u009bra\AppData\Roaming\Opera Software\Opera Stable\Extensions\moegpkkihomibfjeklojmdllpodpicmg\1.0.5664.30385_0\background.js, Žádná uživatelská akce, [8810], [301967],1.0.962
PUP.Optional.RazorWeb, C:\Users\V\u00c4\u009bra\AppData\Roaming\Opera Software\Opera Stable\Extensions\moegpkkihomibfjeklojmdllpodpicmg\1.0.5664.30385_0\content.js, Žádná uživatelská akce, [8810], [301967],1.0.962
PUP.Optional.RazorWeb, C:\Users\V\u00c4\u009bra\AppData\Roaming\Opera Software\Opera Stable\Extensions\moegpkkihomibfjeklojmdllpodpicmg\1.0.5664.30385_0\icon.png, Žádná uživatelská akce, [8810], [301967],1.0.962
PUP.Optional.RazorWeb, C:\Users\V\u00c4\u009bra\AppData\Roaming\Opera Software\Opera Stable\Extensions\moegpkkihomibfjeklojmdllpodpicmg\1.0.5664.30385_0\manifest.json, Žádná uživatelská akce, [8810], [301967],1.0.962
PUP.Optional.APNToolBar, C:\USERS\V\u00c4\u009bRA\DOWNLOADS\WWW.X-DRIVERS.RU_QUALCOMM_QPST_2.7.323_(2008-09-19).ZIP, Žádná uživatelská akce, [8362], [76243],1.0.962
PUP.Optional.Carambis, C:\WINDOWS\SYSTEM32\TASKS\CarambisDriverUpdaterUACDisablingTask, Žádná uživatelská akce, [2330], [351307],1.0.962
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Very slow PC
Delete all MBAM findings.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Very slow PC
Has the speed improved?