Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomalý NT, sekání.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Pomalý NT, sekání.

#1 Příspěvek od good007 »

Dobrý večer, prosím můžete mi kouknout na NTB? Rychlost velmi často na zbláznění a párkrát se seknul tak, že byl nutný restart natvrdo....
Díky

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vlada at 2015-09-27 21:04:06
Microsoft Windows 8.1
System drive C: has 345 GB (37%) free of 944 GB
Total RAM: 8096 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:04:11, on 27. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files\Dell\Dell Foundation Services\DFSSystrayUI.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Vlada.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
O23 - Service: Dell Data Services - Dell - C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: My Dell Client Framework - Dell Inc. - C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNAT.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12426 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 689940495968
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
C:\WINDOWS\SYSWOW64\VMNAT.EXE
C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe"
"C:\Program Files\Dell\Dell Data Services\DDSSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe"
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
dashost.exe {31eec6dc-8b66-4033-977dd5c4c97ad3c2}
"C:\Program Files (x86)\PDF Architect 3\ws.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" e1150c70-0c31-4509-b3e4-0df0d7459098 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\Explorer.EXE
"C:\Program Files\Dell\Dell Foundation Services\DFSSystrayUI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
igfxHK.exe
"C:\Windows\system32\igfxEM.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
"C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE"
"C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE" C:\Users\Vlada
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:10992 CREDAT:267521 /prefetch:2
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Dell\SupportAssist\imstrayicon.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d6050d4e-837d-432e-b9a9-aa54da196d32 -SystemEventPortName:HostProcess-15307410-386a-4469-a300-dd71bedc2897 -IoCancelEventPortName:HostProcess-820950d2-108f-4b94-bab0-8a08b8523a38 -NonStateChangingEventPortName:HostProcess-e1a50d65-52ff-4c06-875a-74c2b61817c7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:14117e5b-14dc-49b7-97ff-430a06b97902 -DeviceGroupId:WpdFsGroup
taskhostex.exe Idle
taskhost.exe IdleSyncMaintenance
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2183685787-1768399-1404195361-1001175_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2183685787-1768399-1404195361-1001175 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
C:\Windows\system32\wbem\WmiApSrv.exe

"C:\Users\Vlada\AppData\Local\Microsoft\Windows\INetCache\IE\75AGFCEC\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\lg42dpuj.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDF Architect 3]
"Description"=
"Path"=C:\Program Files (x86)\PDF Architect 3\np-previewer.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-17 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24 496344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-18 7510232]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-14 1374936]
"WavesSvc"=C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [2013-12-31 285272]
"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2014-01-16 3777696]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2014-01-08 133760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DropboxOEM"=C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-02 462160]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-25 6111824]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2014-01-08 133760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-27 21:04:06 ----D---- C:\rsit
2015-09-27 21:04:06 ----D---- C:\Program Files\trend micro
2015-09-20 18:16:46 ----A---- C:\Windows\system32\drivers\aswF3AD.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\ngv5DDB.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\asw5EDD.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\asw5ECD.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\asw5ECC.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\asw5EBB.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\asw5EBA.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\asw5EA9.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\asw5EA8.tmp
2015-09-20 18:16:07 ----A---- C:\Windows\system32\drivers\asw5DEC.tmp
2015-09-20 18:15:58 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\ngvB421.tmp
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\aswB477.tmp
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\aswB466.tmp
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\aswB465.tmp
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\aswB464.tmp
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\aswB454.tmp
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\aswB453.tmp
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\aswB442.tmp
2015-09-17 18:38:09 ----A---- C:\Windows\system32\drivers\aswB432.tmp
2015-09-17 18:38:00 ----A---- C:\Windows\avastSS.scr
2015-09-15 18:37:07 ----D---- C:\ProgramData\HappyFoto-Designer
2015-09-15 18:37:04 ----D---- C:\Program Files (x86)\HappyFoto-Designer
2015-09-11 22:22:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-11 18:27:02 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\tdh.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-11 18:26:54 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-11 18:26:54 ----A---- C:\Windows\system32\msxml6.dll
2015-09-11 18:26:53 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-11 18:26:53 ----A---- C:\Windows\system32\msxml3.dll
2015-09-11 18:26:45 ----A---- C:\Windows\system32\SettingsHandlers.dll
2015-09-11 18:22:25 ----A---- C:\Windows\system32\drivers\bthpan.sys
2015-09-11 18:22:13 ----A---- C:\Windows\system32\consent.exe
2015-09-11 18:22:07 ----A---- C:\Windows\system32\profsvc.dll
2015-09-11 18:21:58 ----A---- C:\Windows\system32\gdi32.dll
2015-09-11 18:21:57 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-09-11 18:21:50 ----A---- C:\Windows\system32\mshtml.dll
2015-09-11 18:21:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-11 18:21:45 ----A---- C:\Windows\system32\ieframe.dll
2015-09-11 18:21:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-11 18:21:39 ----A---- C:\Windows\system32\jscript9.dll
2015-09-11 18:21:36 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-11 18:21:36 ----A---- C:\Windows\system32\iertutil.dll
2015-09-11 18:21:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-11 18:21:35 ----A---- C:\Windows\system32\wininet.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\urlmon.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\jscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-11 18:21:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-11 18:21:33 ----A---- C:\Windows\system32\vbscript.dll
2015-09-11 18:21:33 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-11 18:21:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-11 18:21:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-11 18:21:23 ----A---- C:\Windows\system32\webcheck.dll
2015-09-11 18:21:23 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-11 18:21:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-09-11 18:21:21 ----A---- C:\Windows\system32\inetcomm.dll
2015-09-11 18:21:20 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-09-11 18:21:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-11 18:21:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wucltux.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-11 18:06:25 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-11 18:06:25 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\wuapi.dll
2015-09-11 18:06:24 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-11 18:06:24 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-11 18:06:24 ----A---- C:\Windows\system32\wudriver.dll
2015-09-11 18:06:24 ----A---- C:\Windows\system32\wuapp.exe
2015-09-11 18:06:07 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-11 18:06:07 ----A---- C:\Windows\system32\InkEd.dll
2015-09-11 18:00:13 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-11 18:00:13 ----A---- C:\Windows\system32\authui.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\shacct.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-11 18:00:12 ----A---- C:\Windows\system32\shacct.dll
2015-09-11 18:00:12 ----A---- C:\Windows\system32\SettingSync.dll
2015-09-11 17:59:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-11 17:59:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-11 17:59:34 ----A---- C:\Windows\system32\win32k.sys
2015-09-11 17:59:34 ----A---- C:\Windows\system32\atmlib.dll
2015-09-11 17:59:34 ----A---- C:\Windows\system32\atmfd.dll
2015-09-11 17:57:32 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2015-09-11 17:57:32 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\taskeng.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\schtasks.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-11 17:57:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-11 17:57:18 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-11 17:57:18 ----A---- C:\Windows\system32\appidapi.dll
2015-09-11 17:57:16 ----A---- C:\Windows\system32\tzsync.exe
2015-09-08 21:23:28 ----N---- C:\Windows\system32\drivers\iqvw64e.sys

======List of files/folders modified in the last 1 month======

2015-09-27 21:04:06 ----RD---- C:\Program Files
2015-09-27 21:02:00 ----D---- C:\Windows\system32\sru
2015-09-27 20:54:54 ----D---- C:\Windows\Prefetch
2015-09-27 20:53:55 ----D---- C:\Windows\Temp
2015-09-27 20:51:06 ----D---- C:\Windows\Microsoft.NET
2015-09-27 20:47:08 ----D---- C:\Windows\system32\config
2015-09-27 20:42:02 ----RD---- C:\Windows\System32
2015-09-27 20:42:02 ----D---- C:\Windows\Inf
2015-09-27 20:42:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-27 20:39:32 ----D---- C:\Windows
2015-09-23 20:41:48 ----D---- C:\Program Files (x86)\Dell Backup and Recovery
2015-09-22 19:27:40 ----D---- C:\Windows\CbsTemp
2015-09-22 19:24:51 ----D---- C:\Windows\WinSxS
2015-09-22 19:24:51 ----D---- C:\Windows\SysWOW64
2015-09-22 19:23:43 ----SHD---- C:\System Volume Information
2015-09-20 18:17:12 ----D---- C:\Windows\system32\DriverStore
2015-09-20 18:16:47 ----D---- C:\Windows\system32\drivers
2015-09-20 18:16:24 ----D---- C:\Windows\system32\Tasks
2015-09-20 11:23:25 ----D---- C:\Windows\rescache
2015-09-20 11:17:16 ----D---- C:\Windows\system32\catroot2
2015-09-20 09:00:43 ----D---- C:\Windows\system32\MRT
2015-09-20 08:54:49 ----D---- C:\Windows\debug
2015-09-20 08:54:12 ----D---- C:\Windows\SoftwareDistribution
2015-09-17 19:03:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-17 19:03:03 ----RD---- C:\Program Files (x86)
2015-09-17 18:22:36 ----D---- C:\ProgramData\VMware
2015-09-17 18:21:38 ----D---- C:\ProgramData\NVIDIA
2015-09-17 13:50:06 ----D---- C:\Windows\system32\cs-CZ
2015-09-17 13:50:05 ----D---- C:\Windows\PolicyDefinitions
2015-09-17 13:50:05 ----D---- C:\Program Files\Windows Journal
2015-09-17 13:50:05 ----D---- C:\Program Files\Internet Explorer
2015-09-17 13:50:05 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-17 13:47:06 ----D---- C:\Windows\system32\NDF
2015-09-15 18:39:02 ----SHD---- C:\Windows\Installer
2015-09-15 18:37:07 ----HD---- C:\ProgramData
2015-09-15 03:18:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-09-11 22:40:03 ----RSD---- C:\Windows\assembly
2015-09-11 21:23:59 ----D---- C:\ProgramData\PCDr
2015-09-11 18:02:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-07 21:44:04 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-17 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-17 274808]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-29 644968]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-17 132656]
R0 vmci;@oem202.inf,%vmci.Service.DispName%;VMware VMCI Bus Driver; C:\Windows\System32\drivers\vmci.sys [2015-01-07 85584]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-17 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-17 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-17 448968]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-17 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-17 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-17 153744]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-01-07 55488]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-24 11576]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-08-17 273824]
R2 VMnetBridge;@oem200.inf,%VMware_Desc%;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-02-06 48832]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-02-06 26816]
R3 AthBTPort;@oem184.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-01-08 89800]
R3 athr;@oem59.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-12-13 3881472]
R3 BTATH_A2DP;@oem183.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-01-08 338120]
R3 btath_avdt;@oem183.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-01-08 116424]
R3 BTATH_BUS;@oem181.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-01-08 34384]
R3 BTATH_HCRP;@oem186.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-01-08 179432]
R3 BTATH_LWFLT;@oem188.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-01-08 77464]
R3 BTATH_RCP;@oem190.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-01-08 137928]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-01-08 597192]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-02-26 23760]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-05-22 24240]
R3 DellRbtn;@oem57.inf,%DellRbtn%;Airplane Mode Switch; C:\Windows\System32\drivers\DellRbtn.sys [2013-01-25 10752]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-04-23 3789824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-22 3849304]
R3 iwdbus;@oem194.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem180.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-05-28 10995528]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;@oem203.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem56.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-08-16 830680]
R3 SynRMIHID;@oem187.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-01-15 41200]
R3 SynTP;@oem185.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-01-15 543984]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-02-06 33472]
R3 VMnetAdapter;@oem201.inf,%VMnetAdapter.Service.DispName%;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-02-06 28864]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-04-08 80160]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem193.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem189.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-04-23 450520]
S3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys []
S3 RSUSBVSTOR;@oem60.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-11-02 330456]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2014-01-08 318592]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-17 146600]
R2 Dell Customer Connect;Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [2015-04-09 145288]
R2 Dell Data Services;Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [2014-11-13 45936]
R2 Dell Foundation Services;Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2015-08-18 116424]
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-05-22 2573520]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-05-22 201936]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-04-26 315376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2013-07-30 253776]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-09 290520]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-07-02 1921768]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-06-11 20648]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-02-06 87744]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE [2015-02-06 359104]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-01-07 915648]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-08-17 4047768]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S2 My Dell Client Framework;My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [2014-01-10 168960]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-04-26 279024]
S3 DellProdRegManager;Dell Product Registration Manager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [2014-10-31 278568]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-11 149160]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]

-----------------EOF-----------------
Nahoru
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Re: Pomalý NT, sekání.

#2 Příspěvek od good007 »

info.txt logfile of random's system information tool 1.10 2015-09-27 21:04:12

======MBR======

0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001AEF9175000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}\setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\Setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\Setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
-->C:\ProgramData\{8AF32939-989B-460A-8726-CA2C776032A1}\DDV.exe
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
AxCrypt 1.7.3156.0-->MsiExec.exe /I{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CyberLink LabelPrint 2.5-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Media Suite Essentials-->"C:\Program Files (x86)\InstallShield Installation Information\{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}\setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\Setup.exe" /z-uninstall
CyberLink PowerDVD 12-->"C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\Setup.exe" /z-uninstall
Dell Backup and Recovery-->"C:\Program Files (x86)\InstallShield Installation Information\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}\setup.exe" -runfromtemp -l0x0405 -removeonly
Dell Customer Connect-->MsiExec.exe /I{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}
Dell Data Services-->MsiExec.exe /X{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}
Dell Digital Delivery-->MsiExec.exe /I{D850CB7E-72BC-4510-BA4F-48932BFAB295}
Dell Foundation Services-->MsiExec.exe /X{D605CD24-103D-4DB6-B572-653851213C46}
Dell Product Registration-->MsiExec.exe /X{24F2AD94-CC1B-4294-B184-D4D31A3186A7}
Dell SupportAssist-->C:\Program Files\Dell\SupportAssist\uninstaller.exe /arp
Dell SupportAssistAgent-->MsiExec.exe /X{287348C8-8B47-4C36-AF28-441A3B7D8722}
Dell Touchpad-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Dell Update-->MsiExec.exe /I{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}
Dell WLAN and Bluetooth Client Installation-->"C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0405 -removeonly
Dropbox 20 GB-->MsiExec.exe /I{597A58EC-42D6-4940-8739-FB94491B013C}
HappyFoto-Designer 5.4-->"C:\Program Files (x86)\HappyFoto-Designer\unins000.exe"
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7}
Microsoft Access MUI (Czech) 2013-->MsiExec.exe /X{90150000-0015-0405-0000-0000000FF1CE}
Microsoft DCF MUI (Czech) 2013-->MsiExec.exe /X{90150000-0090-0405-0000-0000000FF1CE}
Microsoft Excel MUI (Czech) 2013-->MsiExec.exe /X{90150000-0016-0405-0000-0000000FF1CE}
Microsoft Groove MUI (Czech) 2013-->MsiExec.exe /X{90150000-00BA-0405-0000-0000000FF1CE}
Microsoft InfoPath MUI (Czech) 2013-->MsiExec.exe /X{90150000-0044-0405-0000-0000000FF1CE}
Microsoft Lync MUI (Czech) 2013-->MsiExec.exe /X{90150000-012B-0405-0000-0000000FF1CE}
Microsoft Office 64-bit Components 2013-->MsiExec.exe /X{90150000-002A-0000-1000-0000000FF1CE}
Microsoft Office Korrekturhilfen 2013 - Deutsch-->MsiExec.exe /X{90150000-001F-0407-0000-0000000FF1CE}
Microsoft Office OSM MUI (Czech) 2013-->MsiExec.exe /X{90150000-00E1-0405-0000-0000000FF1CE}
Microsoft Office OSM UX MUI (Czech) 2013-->MsiExec.exe /X{90150000-00E2-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2013-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2013-->MsiExec.exe /X{91150000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2013-->MsiExec.exe /X{90150000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2013 - English-->MsiExec.exe /X{90150000-001F-0409-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2013-->MsiExec.exe /X{90150000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2013-->MsiExec.exe /X{90150000-006E-0405-0000-0000000FF1CE}
Microsoft OneNote MUI (Czech) 2013-->MsiExec.exe /X{90150000-00A1-0405-0000-0000000FF1CE}
Microsoft Outlook MUI (Czech) 2013-->MsiExec.exe /X{90150000-001A-0405-0000-0000000FF1CE}
Microsoft PowerPoint MUI (Czech) 2013-->MsiExec.exe /X{90150000-0018-0405-0000-0000000FF1CE}
Microsoft Publisher MUI (Czech) 2013-->MsiExec.exe /X{90150000-0019-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Word MUI (Czech) 2013-->MsiExec.exe /X{90150000-001B-0405-0000-0000000FF1CE}
Mozilla Firefox 40.0.3 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
My Dell Client Framework-->"C:\Program Files (x86)\InstallShield Installation Information\{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}\setup.exe" -runfromtemp -l0x0409 -removeonly
My Dell Client Framework-->MsiExec.exe /I{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština-->MsiExec.exe /X{90150000-001F-0405-0000-0000000FF1CE}
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina-->MsiExec.exe /X{90150000-001F-041B-0000-0000000FF1CE}
NVIDIA GeForce Experience 2.4.5.44-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 353.06-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladače grafiky 353.06-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.15.0428-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
PDF Architect 3 Create Module-->MsiExec.exe /I{38BA288B-C4F4-4C62-9237-4BFAB374F966}
PDF Architect 3 Edit Module-->MsiExec.exe /X{5183F03D-90FA-493B-A074-F0F78B8486AD}
PDF Architect 3 View Module-->MsiExec.exe /I{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7}
PDF Architect 3-->C:\ProgramData\PDF Architect 3\Installation\PDFArchitect3Installer.exe /uninstall
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
Quickset64-->MsiExec.exe /I{87CF757E-C1F1-4D22-865C-00C6950B5258}
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\Setup.exe" -runfromtemp -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Samsung SCX-4200 Series-->C:\Program Files (x86)\Samsung\Samsung SCX-4200 Series\Install\Setup.exe /R
tools-windows-->MsiExec.exe /X{FFD9383C-01D5-4897-A954-43AF599AED30}
Total Commander 64-bit (Remove or Repair)-->C:\Program Files\totalcmd\tcunin64.exe
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VMware Player-->"C:\ProgramData\VMware\VMware Player\Uninstaller\\uninstall.exe" -x -S "C:\ProgramData\VMware\VMware Player\Uninstaller\"
VMware Player-->MsiExec.exe /I{E452E727-86B8-4233-8CC3-41FD817AFAFF}

======System event log======

Computer Name: DHSNW532
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z Zakázáno na automatické spouštění.
Record Number: 967
Source Name: Service Control Manager
Time Written: 20141208095509.864116-000
Event Type: Informace
User: work\Administrator

Computer Name: DHSNW532
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z automatické spouštění na Zakázáno.
Record Number: 966
Source Name: Service Control Manager
Time Written: 20141208095508.751021-000
Event Type: Informace
User: work\Administrator

Computer Name: DHSNW532
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 965
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141208095500.754106-000
Event Type: Informace
User: work\Administrator

Computer Name: DHSNW532
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 964
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141208095500.566578-000
Event Type: Informace
User: work\Administrator

Computer Name: DHSNW532
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 963
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141208095500.488477-000
Event Type: Informace
User: work\Administrator

=====Application event log=====

Computer Name: DHSNW532
Event Code: 3
Message:
Record Number: 538
Source Name: NvStreamSvc
Time Written: 20141208095516.000000-000
Event Type: Informace
User:

Computer Name: DHSNW532
Event Code: 3
Message:
Record Number: 537
Source Name: NvStreamSvc
Time Written: 20141208095516.000000-000
Event Type: Informace
User:

Computer Name: DHSNW532
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 536
Source Name: Microsoft-Windows-Search
Time Written: 20141208095512.000000-000
Event Type: Informace
User:

Computer Name: DHSNW532
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 535
Source Name: Microsoft-Windows-Search
Time Written: 20141208095509.000000-000
Event Type: Informace
User:

Computer Name: DHSNW532
Event Code: 103
Message: SearchIndexer (4052) Windows: Databázový stroj zastavil instanci (0).

Nesprávné vypnutí: 0

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.078, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.031, [10] 0.031, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.
Record Number: 534
Source Name: ESENT
Time Written: 20141208095509.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: DHSNW532
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 533
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141208095502.465101-000
Event Type: Úspěšný audit
User:

Computer Name: DHSNW532
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DHSNW532$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Typ přihlášení: 5

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2d4
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 532
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141208095502.465101-000
Event Type: Úspěšný audit
User:

Computer Name: DHSNW532
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 531
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141208095502.285351-000
Event Type: Úspěšný audit
User:

Computer Name: DHSNW532
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DHSNW532$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Typ přihlášení: 5

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2d4
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 530
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20141208095502.285351-000
Event Type: Úspěšný audit
User:

Computer Name: DHSNW532
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2183685787-1768399-1404195361-500
Název účtu: Administrator
Název domény: DHSNW532
ID přihlášení: 0x3485D
Record Number: 529
Source Name: Microsoft-Windows-Eventlog
Time Written: 20141208095500.660328-000
Event Type: Úspěšný audit
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"Path"=c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=4501

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomalý NT, sekání.

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Re: Pomalý NT, sekání.

#4 Příspěvek od good007 »

Log zde...
# AdwCleaner v5.009 - Logfile created 27/09/2015 at 22:18:04
# Updated 27/09/2015 by Xplode
# Database : 2015-09-27.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Vlada - WORK
# Running from : C:\Users\Vlada\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Vlada\AppData\Roaming\pdfforge

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [660 bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomalý NT, sekání.

#5 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Re: Pomalý NT, sekání.

#6 Příspěvek od good007 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vlada at 2015-09-27 22:44:25
Microsoft Windows 8.1
System drive C: has 346 GB (37%) free of 944 GB
Total RAM: 8096 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:44:27, on 27. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Dell\Dell Foundation Services\DFSSystrayUI.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files\trend micro\Vlada.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Services - Dell - C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: My Dell Client Framework - Dell Inc. - C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNAT.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12232 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 1026201120896
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\SYSWOW64\VMNAT.EXE
C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
C:\Windows\System32\skydrive.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" e1150c70-0c31-4509-b3e4-0df0d7459098 1
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5392 CREDAT:267521 /prefetch:2
C:\Windows\system32\wbem\unsecapp.exe -Embedding
dashost.exe {11d22204-db4b-4ddd-b4187c11dcb007e0}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Dell\Dell Data Services\DDSSvc.exe"
"C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe"
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Dell\Dell Foundation Services\DFSSystrayUI.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5392 CREDAT:2102671 /prefetch:2
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe"
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
C:\Windows\system32\wbem\wmiprvse.exe

"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE"
"C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE" C:\Users\Vlada
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2183685787-1768399-1404195361-10017_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2183685787-1768399-1404195361-10017 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 544 560 572 65536 568
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Vlada\AppData\Local\Microsoft\Windows\INetCache\IE\OBSNOFBA\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\lg42dpuj.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDF Architect 3]
"Description"=
"Path"=C:\Program Files (x86)\PDF Architect 3\np-previewer.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-17 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24 496344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-18 7510232]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-14 1374936]
"WavesSvc"=C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [2013-12-31 285272]
"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2014-01-16 3777696]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2014-01-08 133760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DropboxOEM"=C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-02 462160]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-17 6134544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2014-01-08 133760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-27 22:26:12 ----D---- C:\Program Files (x86)\Dell Customer Connect
2015-09-27 22:16:34 ----D---- C:\AdwCleaner
2015-09-27 21:04:06 ----D---- C:\rsit
2015-09-27 21:04:06 ----D---- C:\Program Files\trend micro
2015-09-20 18:15:58 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-17 18:38:00 ----A---- C:\Windows\avastSS.scr
2015-09-15 18:37:07 ----D---- C:\ProgramData\HappyFoto-Designer
2015-09-15 18:37:04 ----D---- C:\Program Files (x86)\HappyFoto-Designer
2015-09-11 22:22:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-11 18:27:02 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\tdh.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-11 18:26:54 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-11 18:26:54 ----A---- C:\Windows\system32\msxml6.dll
2015-09-11 18:26:53 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-11 18:26:53 ----A---- C:\Windows\system32\msxml3.dll
2015-09-11 18:26:45 ----A---- C:\Windows\system32\SettingsHandlers.dll
2015-09-11 18:22:25 ----A---- C:\Windows\system32\drivers\bthpan.sys
2015-09-11 18:22:13 ----A---- C:\Windows\system32\consent.exe
2015-09-11 18:22:07 ----A---- C:\Windows\system32\profsvc.dll
2015-09-11 18:21:58 ----A---- C:\Windows\system32\gdi32.dll
2015-09-11 18:21:57 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-09-11 18:21:50 ----A---- C:\Windows\system32\mshtml.dll
2015-09-11 18:21:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-11 18:21:45 ----A---- C:\Windows\system32\ieframe.dll
2015-09-11 18:21:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-11 18:21:39 ----A---- C:\Windows\system32\jscript9.dll
2015-09-11 18:21:36 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-11 18:21:36 ----A---- C:\Windows\system32\iertutil.dll
2015-09-11 18:21:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-11 18:21:35 ----A---- C:\Windows\system32\wininet.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\urlmon.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\jscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-11 18:21:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-11 18:21:33 ----A---- C:\Windows\system32\vbscript.dll
2015-09-11 18:21:33 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-11 18:21:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-11 18:21:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-11 18:21:23 ----A---- C:\Windows\system32\webcheck.dll
2015-09-11 18:21:23 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-11 18:21:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-09-11 18:21:21 ----A---- C:\Windows\system32\inetcomm.dll
2015-09-11 18:21:20 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-09-11 18:21:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-11 18:21:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wucltux.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-11 18:06:25 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-11 18:06:25 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\wuapi.dll
2015-09-11 18:06:24 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-11 18:06:24 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-11 18:06:24 ----A---- C:\Windows\system32\wudriver.dll
2015-09-11 18:06:24 ----A---- C:\Windows\system32\wuapp.exe
2015-09-11 18:06:07 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-11 18:06:07 ----A---- C:\Windows\system32\InkEd.dll
2015-09-11 18:00:13 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-11 18:00:13 ----A---- C:\Windows\system32\authui.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\shacct.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-11 18:00:12 ----A---- C:\Windows\system32\shacct.dll
2015-09-11 18:00:12 ----A---- C:\Windows\system32\SettingSync.dll
2015-09-11 17:59:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-11 17:59:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-11 17:59:34 ----A---- C:\Windows\system32\win32k.sys
2015-09-11 17:59:34 ----A---- C:\Windows\system32\atmlib.dll
2015-09-11 17:59:34 ----A---- C:\Windows\system32\atmfd.dll
2015-09-11 17:57:32 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2015-09-11 17:57:32 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\taskeng.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\schtasks.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-11 17:57:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-11 17:57:18 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-11 17:57:18 ----A---- C:\Windows\system32\appidapi.dll
2015-09-11 17:57:16 ----A---- C:\Windows\system32\tzsync.exe
2015-09-08 21:23:28 ----N---- C:\Windows\system32\drivers\iqvw64e.sys

======List of files/folders modified in the last 1 month======

2015-09-27 22:32:18 ----D---- C:\Program Files (x86)\Dell Backup and Recovery
2015-09-27 22:30:55 ----D---- C:\Windows\Temp
2015-09-27 22:28:15 ----RD---- C:\Windows\System32
2015-09-27 22:28:15 ----D---- C:\Windows\Inf
2015-09-27 22:28:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-27 22:27:04 ----D---- C:\Windows\Prefetch
2015-09-27 22:26:13 ----SHD---- C:\Windows\Installer
2015-09-27 22:26:12 ----RD---- C:\Program Files (x86)
2015-09-27 22:20:46 ----D---- C:\ProgramData\VMware
2015-09-27 22:19:48 ----D---- C:\ProgramData\NVIDIA
2015-09-27 22:19:42 ----D---- C:\Windows\Minidump
2015-09-27 22:19:29 ----D---- C:\Windows
2015-09-27 22:19:25 ----D---- C:\Windows\system32\drivers
2015-09-27 22:19:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-27 22:00:00 ----D---- C:\Windows\system32\sru
2015-09-27 21:04:06 ----RD---- C:\Program Files
2015-09-27 20:56:53 ----D---- C:\Windows\system32\config
2015-09-27 20:51:06 ----D---- C:\Windows\Microsoft.NET
2015-09-22 19:27:41 ----D---- C:\Windows\CbsTemp
2015-09-22 19:24:51 ----D---- C:\Windows\WinSxS
2015-09-22 19:24:51 ----D---- C:\Windows\SysWOW64
2015-09-22 19:23:43 ----SHD---- C:\System Volume Information
2015-09-20 18:17:12 ----D---- C:\Windows\system32\DriverStore
2015-09-20 18:16:24 ----D---- C:\Windows\system32\Tasks
2015-09-20 11:23:25 ----D---- C:\Windows\rescache
2015-09-20 11:17:16 ----D---- C:\Windows\system32\catroot2
2015-09-20 09:00:43 ----D---- C:\Windows\system32\MRT
2015-09-20 08:54:49 ----D---- C:\Windows\debug
2015-09-20 08:54:12 ----D---- C:\Windows\SoftwareDistribution
2015-09-17 13:50:06 ----D---- C:\Windows\system32\cs-CZ
2015-09-17 13:50:05 ----D---- C:\Windows\PolicyDefinitions
2015-09-17 13:50:05 ----D---- C:\Program Files\Windows Journal
2015-09-17 13:50:05 ----D---- C:\Program Files\Internet Explorer
2015-09-17 13:50:05 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-17 13:47:06 ----D---- C:\Windows\system32\NDF
2015-09-15 18:37:07 ----HD---- C:\ProgramData
2015-09-15 03:18:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-09-11 22:40:03 ----RSD---- C:\Windows\assembly
2015-09-11 21:23:59 ----D---- C:\ProgramData\PCDr
2015-09-11 18:02:48 ----D---- C:\Windows\SYSWOW64\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-17 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-17 274808]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-29 644968]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-17 132656]
R0 vmci;@oem202.inf,%vmci.Service.DispName%;VMware VMCI Bus Driver; C:\Windows\System32\drivers\vmci.sys [2015-01-07 85584]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-17 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-17 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-17 448968]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-17 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-17 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-17 153744]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-01-07 55488]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-24 11576]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-17 274336]
R2 VMnetBridge;@oem200.inf,%VMware_Desc%;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-02-06 48832]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-02-06 26816]
R3 AthBTPort;@oem184.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-01-08 89800]
R3 athr;@oem59.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-12-13 3881472]
R3 BTATH_A2DP;@oem183.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-01-08 338120]
R3 btath_avdt;@oem183.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-01-08 116424]
R3 BTATH_BUS;@oem181.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-01-08 34384]
R3 BTATH_HCRP;@oem186.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-01-08 179432]
R3 BTATH_LWFLT;@oem188.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-01-08 77464]
R3 BTATH_RCP;@oem190.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-01-08 137928]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-01-08 597192]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-02-26 23760]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-05-22 24240]
R3 DellRbtn;@oem57.inf,%DellRbtn%;Airplane Mode Switch; C:\Windows\System32\drivers\DellRbtn.sys [2013-01-25 10752]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-04-23 3789824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-22 3849304]
R3 iwdbus;@oem194.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem180.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-05-28 10995528]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;@oem203.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem56.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-08-16 830680]
R3 SynRMIHID;@oem187.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-01-15 41200]
R3 SynTP;@oem185.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-01-15 543984]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-02-06 33472]
R3 VMnetAdapter;@oem201.inf,%VMnetAdapter.Service.DispName%;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-02-06 28864]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-04-08 80160]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem193.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem189.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-04-23 450520]
S3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys []
S3 RSUSBVSTOR;@oem60.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-11-02 330456]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2014-01-08 318592]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-17 146600]
R2 Dell Data Services;Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [2014-11-13 45936]
R2 Dell Foundation Services;Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2015-08-18 116424]
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-05-22 2573520]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-05-22 201936]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-04-26 315376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2013-07-30 253776]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-09 290520]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-07-02 1921768]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-06-11 20648]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-02-06 87744]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE [2015-02-06 359104]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-01-07 915648]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\SYSWOW64\VMNAT.EXE [2015-02-06 438464]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S2 My Dell Client Framework;My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [2014-01-10 168960]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-17 4048280]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-04-26 279024]
S3 DellProdRegManager;Dell Product Registration Manager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [2014-10-31 278568]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-11 149160]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomalý NT, sekání.

#7 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Re: Pomalý NT, sekání.

#8 Příspěvek od good007 »

Dobrý večer, zde log z OTM a hned bude z RSIT....

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Martulk4
->Temp folder emptied: 329705576 bytes
->Temporary Internet Files folder emptied: 153557548 bytes
->FireFox cache emptied: 373813047 bytes
->Flash cache emptied: 492 bytes

User: Public

User: Vlada
->Temp folder emptied: 12858285 bytes
->Temporary Internet Files folder emptied: 310135662 bytes
->FireFox cache emptied: 15439646 bytes
->Flash cache emptied: 1202 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1211968 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12567004 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 153,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Martulk4
->Flash cache emptied: 0 bytes

User: Public

User: Vlada
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 09282015_215640

Files moved on Reboot...
C:\Users\Martulk4\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\Users\Vlada\AppData\Local\Temp\DFSSystray.log moved successfully.
File move failed. C:\Users\Vlada\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
File C:\Windows\SysNative\SETFF5D.tmp not found!
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\vmware-SYSTEM\vmauthd.log scheduled to be moved on reboot.
C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-2952.log moved successfully.

Registry entries deleted on Reboot...
Nahoru
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Re: Pomalý NT, sekání.

#9 Příspěvek od good007 »

Log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vlada at 2015-09-28 22:08:15
Microsoft Windows 8.1
System drive C: has 344 GB (37%) free of 944 GB
Total RAM: 8096 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:08:19, on 28. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Dell\Dell Foundation Services\DFSSystrayUI.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Vlada.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Services - Dell - C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: My Dell Client Framework - Dell Inc. - C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNAT.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12090 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 504418979552
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\GWX\GWX.exe"
C:\WINDOWS\SYSWOW64\VMNAT.EXE
C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxEM.exe
igfxHK.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" e1150c70-0c31-4509-b3e4-0df0d7459098 1
dashost.exe {73676521-48cb-4aa4-a400f4935bb7d9b9}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\servicing\TrustedInstaller.exe
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\09282015_215640.log
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5REC
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding

taskeng.exe {AF7AEF6F-8214-4829-A786-3526B2B6774F}
"C:\Program Files\Dell\Dell Data Services\DDSSvc.exe"
"C:\Program Files\AVAST Software\Avast\ng\ngtool.exe" build create -repair 1
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe"
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:944 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files\Dell\Dell Foundation Services\DFSSystrayUI.exe"
"C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2183685787-1768399-1404195361-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2183685787-1768399-1404195361-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:944 CREDAT:1053958 /prefetch:2
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe" --comment NgBase --startvm f4b5040c-a469-489f-b441-3fb9dbf1e2f7

"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Vlada\AppData\Local\Microsoft\Windows\INetCache\IE\ZT1QL6FM\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\lg42dpuj.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDF Architect 3]
"Description"=
"Path"=C:\Program Files (x86)\PDF Architect 3\np-previewer.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-17 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24 496344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-18 7510232]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-14 1374936]
"WavesSvc"=C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [2013-12-31 285272]
"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2014-01-16 3777696]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-03 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2014-01-08 133760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DropboxOEM"=C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-02 462160]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-17 6134544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2014-01-08 133760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-28 21:56:40 ----D---- C:\_OTM
2015-09-28 21:31:43 ----D---- C:\Windows\LastGood.Tmp
2015-09-28 21:31:21 ----A---- C:\Windows\SYSWOW64\SynCom.dll
2015-09-28 21:31:20 ----A---- C:\Windows\system32\drivers\SynTP.sys
2015-09-28 21:31:20 ----A---- C:\Windows\system32\drivers\SynRMIHID.sys
2015-09-27 22:26:12 ----D---- C:\Program Files (x86)\Dell Customer Connect
2015-09-27 22:16:34 ----D---- C:\AdwCleaner
2015-09-27 21:04:06 ----D---- C:\rsit
2015-09-27 21:04:06 ----D---- C:\Program Files\trend micro
2015-09-22 20:37:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-20 18:15:58 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-17 18:38:00 ----A---- C:\Windows\avastSS.scr
2015-09-15 18:37:07 ----D---- C:\ProgramData\HappyFoto-Designer
2015-09-15 18:37:04 ----D---- C:\Program Files (x86)\HappyFoto-Designer
2015-09-11 18:27:02 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\tdh.dll
2015-09-11 18:27:02 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-11 18:26:54 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-11 18:26:54 ----A---- C:\Windows\system32\msxml6.dll
2015-09-11 18:26:53 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-11 18:26:53 ----A---- C:\Windows\system32\msxml3.dll
2015-09-11 18:26:45 ----A---- C:\Windows\system32\SettingsHandlers.dll
2015-09-11 18:22:25 ----A---- C:\Windows\system32\drivers\bthpan.sys
2015-09-11 18:22:13 ----A---- C:\Windows\system32\consent.exe
2015-09-11 18:22:07 ----A---- C:\Windows\system32\profsvc.dll
2015-09-11 18:21:58 ----A---- C:\Windows\system32\gdi32.dll
2015-09-11 18:21:57 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-09-11 18:21:50 ----A---- C:\Windows\system32\mshtml.dll
2015-09-11 18:21:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-11 18:21:45 ----A---- C:\Windows\system32\ieframe.dll
2015-09-11 18:21:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-11 18:21:39 ----A---- C:\Windows\system32\jscript9.dll
2015-09-11 18:21:36 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-11 18:21:36 ----A---- C:\Windows\system32\iertutil.dll
2015-09-11 18:21:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-11 18:21:35 ----A---- C:\Windows\system32\wininet.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\urlmon.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\jscript.dll
2015-09-11 18:21:34 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-11 18:21:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-11 18:21:33 ----A---- C:\Windows\system32\vbscript.dll
2015-09-11 18:21:33 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-11 18:21:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-11 18:21:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-11 18:21:23 ----A---- C:\Windows\system32\webcheck.dll
2015-09-11 18:21:23 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-11 18:21:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-09-11 18:21:21 ----A---- C:\Windows\system32\inetcomm.dll
2015-09-11 18:21:20 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-09-11 18:21:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-11 18:21:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wucltux.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-11 18:06:26 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-11 18:06:25 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-11 18:06:25 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-09-11 18:06:25 ----A---- C:\Windows\system32\wuapi.dll
2015-09-11 18:06:24 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-11 18:06:24 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-11 18:06:24 ----A---- C:\Windows\system32\wudriver.dll
2015-09-11 18:06:24 ----A---- C:\Windows\system32\wuapp.exe
2015-09-11 18:06:07 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-11 18:06:07 ----A---- C:\Windows\system32\InkEd.dll
2015-09-11 18:00:13 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-11 18:00:13 ----A---- C:\Windows\system32\authui.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\shacct.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2015-09-11 18:00:12 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-11 18:00:12 ----A---- C:\Windows\system32\shacct.dll
2015-09-11 18:00:12 ----A---- C:\Windows\system32\SettingSync.dll
2015-09-11 17:59:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-11 17:59:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-11 17:59:34 ----A---- C:\Windows\system32\win32k.sys
2015-09-11 17:59:34 ----A---- C:\Windows\system32\atmlib.dll
2015-09-11 17:59:34 ----A---- C:\Windows\system32\atmfd.dll
2015-09-11 17:57:32 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2015-09-11 17:57:32 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\taskeng.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\schtasks.exe
2015-09-11 17:57:32 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-11 17:57:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-11 17:57:18 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-11 17:57:18 ----A---- C:\Windows\system32\appidapi.dll
2015-09-11 17:57:16 ----A---- C:\Windows\system32\tzsync.exe
2015-09-08 21:23:28 ----N---- C:\Windows\system32\drivers\iqvw64e.sys

======List of files/folders modified in the last 1 month======

2015-09-28 22:06:49 ----D---- C:\Program Files (x86)\Dell Backup and Recovery
2015-09-28 22:06:00 ----D---- C:\Windows\Prefetch
2015-09-28 22:03:48 ----D---- C:\Windows\Temp
2015-09-28 22:02:25 ----D---- C:\ProgramData\VMware
2015-09-28 22:01:43 ----D---- C:\ProgramData\NVIDIA
2015-09-28 22:01:30 ----RD---- C:\Windows\System32
2015-09-28 22:01:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-28 22:00:22 ----D---- C:\Windows
2015-09-28 21:59:43 ----D---- C:\Windows\system32\catroot
2015-09-28 21:32:20 ----D---- C:\Windows\system32\drivers
2015-09-28 21:32:20 ----D---- C:\Windows\Inf
2015-09-28 21:32:17 ----D---- C:\Windows\system32\Tasks
2015-09-28 21:32:02 ----D---- C:\Windows\SysWOW64
2015-09-28 21:31:38 ----D---- C:\Windows\system32\DriverStore
2015-09-28 21:31:06 ----D---- C:\ProgramData\DELL
2015-09-28 21:31:05 ----SHD---- C:\System Volume Information
2015-09-28 21:00:00 ----D---- C:\Windows\system32\sru
2015-09-27 23:16:57 ----RD---- C:\Program Files (x86)
2015-09-27 23:08:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-27 22:26:13 ----SHD---- C:\Windows\Installer
2015-09-27 22:19:42 ----D---- C:\Windows\Minidump
2015-09-27 21:04:06 ----RD---- C:\Program Files
2015-09-27 20:56:53 ----D---- C:\Windows\system32\config
2015-09-27 20:51:06 ----D---- C:\Windows\Microsoft.NET
2015-09-22 19:27:41 ----D---- C:\Windows\CbsTemp
2015-09-22 19:24:51 ----D---- C:\Windows\WinSxS
2015-09-20 11:23:25 ----D---- C:\Windows\rescache
2015-09-20 11:17:16 ----D---- C:\Windows\system32\catroot2
2015-09-20 09:00:43 ----D---- C:\Windows\system32\MRT
2015-09-20 08:54:49 ----D---- C:\Windows\debug
2015-09-20 08:54:12 ----D---- C:\Windows\SoftwareDistribution
2015-09-17 13:50:06 ----D---- C:\Windows\system32\cs-CZ
2015-09-17 13:50:05 ----D---- C:\Windows\PolicyDefinitions
2015-09-17 13:50:05 ----D---- C:\Program Files\Windows Journal
2015-09-17 13:50:05 ----D---- C:\Program Files\Internet Explorer
2015-09-17 13:50:05 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-17 13:47:06 ----D---- C:\Windows\system32\NDF
2015-09-15 18:37:07 ----HD---- C:\ProgramData
2015-09-15 03:18:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-09-11 22:40:03 ----RSD---- C:\Windows\assembly
2015-09-11 21:23:59 ----D---- C:\ProgramData\PCDr
2015-09-11 18:02:48 ----D---- C:\Windows\SYSWOW64\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-17 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-17 274808]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-29 644968]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-17 132656]
R0 vmci;@oem202.inf,%vmci.Service.DispName%;VMware VMCI Bus Driver; C:\Windows\System32\drivers\vmci.sys [2015-01-07 85584]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-17 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-17 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-17 448968]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-17 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-17 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-17 153744]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-01-07 55488]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-24 11576]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-17 274336]
R2 VMnetBridge;@oem200.inf,%VMware_Desc%;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2015-02-06 48832]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2015-02-06 26816]
R3 AthBTPort;@oem184.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-01-08 89800]
R3 athr;@oem59.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-12-13 3881472]
R3 BTATH_A2DP;@oem183.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-01-08 338120]
R3 btath_avdt;@oem183.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-01-08 116424]
R3 BTATH_BUS;@oem181.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-01-08 34384]
R3 BTATH_HCRP;@oem186.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-01-08 179432]
R3 BTATH_LWFLT;@oem188.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-01-08 77464]
R3 BTATH_RCP;@oem190.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-01-08 137928]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-01-08 597192]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-02-26 23760]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-05-22 24240]
R3 DellRbtn;@oem57.inf,%DellRbtn%;Airplane Mode Switch; C:\Windows\System32\drivers\DellRbtn.sys [2013-01-25 10752]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-04-23 3789824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-22 3849304]
R3 iwdbus;@oem194.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem180.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-05-28 10995528]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;@oem203.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem56.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-08-16 830680]
R3 SynRMIHID;@oem117.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2015-01-09 42664]
R3 SynTP;@oem114.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-01-09 580776]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2015-02-06 33472]
R3 VMnetAdapter;@oem201.inf,%VMnetAdapter.Service.DispName%;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2015-02-06 28864]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-04-08 80160]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem193.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 IntcDAud;@oem189.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-04-23 450520]
S3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys []
S3 RSUSBVSTOR;@oem60.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-11-02 330456]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2014-01-08 318592]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-17 146600]
R2 Dell Data Services;Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [2014-11-13 45936]
R2 Dell Foundation Services;Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2015-08-18 116424]
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-05-22 2573520]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-05-22 201936]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-04-26 315376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-03 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-03 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2013-07-30 253776]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-09 290520]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2014-07-02 1921768]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-06-11 20648]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2015-02-06 87744]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE [2015-02-06 359104]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-01-07 915648]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\SYSWOW64\VMNAT.EXE [2015-02-06 438464]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-17 4048280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S2 My Dell Client Framework;My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [2014-01-10 168960]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-04-26 279024]
S3 DellProdRegManager;Dell Product Registration Manager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [2014-10-31 278568]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-22 147624]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomalý NT, sekání.

#10 Příspěvek od Rudy »

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Re: Pomalý NT, sekání.

#11 Příspěvek od good007 »

Dobrý večer, omlouvám se za delší nečinnost ale je toho poslední dobou mnoho.... NTB se vcelku zlepšil ale stále bych od něho čekal více... Přeci jen NTB za téměř 20 tis by mohl trochu rychleji fungovat...
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomalý NT, sekání.

#12 Příspěvek od Rudy »

Smazáno. Ještě spusťte MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Re: Pomalý NT, sekání.

#13 Příspěvek od good007 »

Dobrý den,

log je zde.... Snad je to dobře...

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10. 10. 2015
Čas skenování: 18:54
Protokol: log.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.10.10.03
Databáze rootkitů: v2015.10.06.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Vlada

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 413742
Uplynulý čas: 29 min, 53 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.OpenCandy, C:\$Recycle.Bin\S-1-5-21-2183685787-1768399-1404195361-1001\$RM9GGU2.exe, , [311a87ce711a211583cd06af4cb96a96],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Pomalý NT, sekání.

#14 Příspěvek od Rudy »

Nalezenou položku smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
good007
Návštěvník
Návštěvník
Příspěvky: 231
Registrován: 13 úno 2011 00:06

Re: Pomalý NT, sekání.

#15 Příspěvek od good007 »

Smazáno a druhý scan čistý.....
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“