Zdravím,
poslední dny se mě dost zpomalil PC ( konkrétně se jedná o DELL XPS s W10 Pro) a moc netuším, čím by to mohlo být.Ještě před logem jsem provedl čištění přes ADWcleaner.
Děkuji za zkontrolování¨
Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2016-08-06 12:18:55
Microsoft Windows 10 Pro
System drive C: has 88 GB (36%) free of 243 GB
Total RAM: 8081 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:00, on 6. 8. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal
Running processes:
C:\WINDOWS\TEMP\DPTF\esif_assist.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [EasyHideIPVPN] C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Command | Power Manager Notify (dcpm-notify) - Dell Inc. - C:\Program Files\Dell\CommandPowerManager\NotifyService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Wake on Voice Setup - Intel - C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\Intel(R)WakeonVoiceService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RTK IIS Codec Service (RtkI2SCodec) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves System Service (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11142 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f6b233b8-3499-4409-b3b1-b77cf8f9eb0b -SystemEventPortName:HostProcess-c696c669-4853-4695-9ba3-84e0ca5e5882 -IoCancelEventPortName:HostProcess-885ca303-3585-49a5-8a0d-c2ce67ba8ef5 -NonStateChangingEventPortName:HostProcess-195ed67d-acd5-47d1-84cc-d52a4eed82c5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:49fa9e1a-5035-4e7b-9e47-d061d1952d8a -DeviceGroupId:
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e95970eb-11c9-4bfb-9341-b6d6aa5c0fc3 -SystemEventPortName:HostProcess-15d36941-65a0-4c38-8641-4dee0b5bf311 -IoCancelEventPortName:HostProcess-358ceab1-e7cc-44fd-9c19-e4974c75f496 -NonStateChangingEventPortName:HostProcess-8c9c4993-0bd3-44e1-9001-5429359f5266 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2efaee5c-c9c5-4c0e-b39a-39ae82259a49 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\Intel(R)WakeonVoiceService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
dashost.exe {99cec4ed-c39b-480d-a949f647af28eff3}
C:\WINDOWS\system32\HPSIsvc.exe
"C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Realtek\Audio\IIS\RtI2SBgProc64.exe" /SENDINPUT
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\WINDOWS\TEMP\DPTF\esif_assist.exe"
taskeng.exe {ACE16082-9F51-4483-A153-48D90F37059C}
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe" /s
"C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe" /BOARDWELL_MA3
"C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe"
"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=51.0.2704.103 --handshake-handle=0x1c0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-conservative/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/EnableMediaRouter/Enabled/ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --type=gpu-process --channel="1972.0.922380243\1529020426" --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,25,46,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --mojo-platform-channel-handle=1236 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-conservative/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A2/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=95C7ABA8B6F3CCA4550811A41F97F187 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="1972.4.24276526\470539426" --mojo-platform-channel-handle=3224 /prefetch:1
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 920A0FB2-5023-E39C-229A-2D2D006CFCFC -Reinvoke
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-conservative/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A2/*OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*QUIC/EnabledAckDecimation/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=889367FA4AE51465418BB12B02E9C984 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="1972.16.288852560\1179197342" --mojo-platform-channel-handle=4848 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 220 500 628 8192 624
"C:\Users\Admin\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xg9kqvea.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29 219304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2015-09-15 2339032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29 153768]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-05 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2015-09-15 1733240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-05 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtkNGui"=C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe [2015-08-04 9420544]
"RtI2SBgProc"=C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe [2015-08-04 2725120]
"WavesSvc"=C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe [2015-08-04 579712]
"CxAgent"=C:\Program Files\Realtek\Audio\AP\CXAPOAgent64.exe [2015-08-04 760032]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-06-25 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-28 554184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"EasyHideIPVPN"=C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe []
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2014-09-30 136992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-08-06 12:18:55 ----D---- C:\rsit
2016-08-06 12:18:55 ----D---- C:\Program Files\trend micro
2016-08-06 12:13:37 ----D---- C:\AdwCleaner
2016-08-05 18:34:57 ----SHD---- C:\Config.Msi
2016-08-05 12:47:05 ----D---- C:\ProgramData\Citrix
2016-08-05 12:46:48 ----D---- C:\Program Files (x86)\Citrix
2016-08-05 12:41:43 ----D---- C:\Users\Admin\AppData\Roaming\PCDr
2016-07-28 20:03:50 ----D---- C:\WINDOWS\system32\appmgmt
2016-07-28 20:01:15 ----D---- C:\ProgramData\ProductData
2016-07-28 20:01:02 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-07-28 20:00:35 ----D---- C:\Users\Admin\AppData\Roaming\IObit
2016-07-28 20:00:22 ----D---- C:\ProgramData\IObit
2016-07-28 20:00:22 ----D---- C:\Program Files (x86)\IObit
2016-07-12 10:31:57 ----D---- C:\Program Files\Mozilla Firefox
2016-07-10 11:54:22 ----D---- C:\Users\Admin\AppData\Roaming\Mozilla
======List of files/folders modified in the last 1 month======
2016-08-06 12:18:55 ----RD---- C:\Program Files
2016-08-06 12:18:43 ----D---- C:\WINDOWS\Temp
2016-08-06 12:18:03 ----D---- C:\WINDOWS\system32\sru
2016-08-06 12:16:43 ----D---- C:\WINDOWS\Prefetch
2016-08-06 12:16:03 ----D---- C:\WINDOWS\System32
2016-08-06 12:16:03 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-06 12:15:58 ----D---- C:\WINDOWS\system32\drivers
2016-08-06 12:14:10 ----D---- C:\WINDOWS\INF
2016-08-06 12:14:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-06 12:08:49 ----D---- C:\Program Files (x86)\Dropbox
2016-08-06 12:08:29 ----D---- C:\WINDOWS\system32\CatRoot
2016-08-06 12:05:20 ----D---- C:\WINDOWS\system32\SleepStudy
2016-08-05 19:41:43 ----D---- C:\WINDOWS\system32\config
2016-08-05 19:23:50 ----SHD---- C:\WINDOWS\Installer
2016-08-05 19:23:50 ----D---- C:\WINDOWS\Tasks
2016-08-05 19:23:50 ----D---- C:\WINDOWS\system32\Tasks
2016-08-05 19:06:05 ----D---- C:\WINDOWS\Microsoft.NET
2016-08-05 19:06:03 ----RSD---- C:\WINDOWS\assembly
2016-08-05 18:38:40 ----D---- C:\ProgramData\Oracle
2016-08-05 18:37:17 ----D---- C:\WINDOWS\SysWOW64
2016-08-05 18:37:17 ----D---- C:\Program Files (x86)\Java
2016-08-05 18:37:13 ----D---- C:\Program Files (x86)\Common Files
2016-08-05 18:37:04 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2016-08-05 18:35:31 ----D---- C:\Program Files\iTunes
2016-08-05 18:35:20 ----RD---- C:\Program Files (x86)
2016-08-05 18:35:20 ----D---- C:\Program Files\Common Files\Apple
2016-08-05 18:34:13 ----D---- C:\Users\Admin\AppData\Roaming\MiniLyrics
2016-08-05 18:34:13 ----D---- C:\Program Files (x86)\MiniLyrics
2016-08-05 18:32:45 ----D---- C:\Program Files (x86)\Adobe
2016-08-05 18:30:26 ----D---- C:\Windows
2016-08-05 18:30:25 ----D---- C:\WINDOWS\system32\catroot2
2016-08-05 18:28:35 ----RSD---- C:\WINDOWS\Fonts
2016-08-05 18:28:34 ----D---- C:\Users\Admin\AppData\Roaming\vlc
2016-08-05 18:28:31 ----D---- C:\Program Files\Microsoft Silverlight
2016-08-05 18:28:31 ----D---- C:\Program Files\Farming Simulator 15
2016-08-05 18:28:30 ----D---- C:\WINDOWS\WinSxS
2016-08-05 18:28:30 ----D---- C:\WINDOWS\system32\wbem
2016-08-05 18:28:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-08-05 18:28:02 ----D---- C:\WINDOWS\ShellNew
2016-08-05 18:28:02 ----D---- C:\Program Files\Windows Media Player
2016-08-05 18:28:02 ----D---- C:\Program Files\Windows Journal
2016-08-05 18:28:02 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-05 18:28:01 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2016-08-05 18:28:01 ----SD---- C:\WINDOWS\system32\DiagSvcs
2016-08-05 18:28:01 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-08-05 18:28:01 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-05 18:28:01 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-08-05 18:28:01 ----D---- C:\WINDOWS\system32\migration
2016-08-05 18:28:01 ----D---- C:\WINDOWS\system32\en-US
2016-08-05 18:28:01 ----D---- C:\WINDOWS\system32\Dism
2016-08-05 18:28:00 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-05 18:28:00 ----D---- C:\WINDOWS\AppPatch
2016-08-05 18:28:00 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-05 18:27:59 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-08-05 18:27:59 ----D---- C:\WINDOWS\system32\Sysprep
2016-08-05 18:27:59 ----D---- C:\WINDOWS\system32\Macromed
2016-08-05 18:27:59 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-08-05 18:27:57 ----D---- C:\Users\Admin\AppData\Roaming\IrfanView
2016-08-05 18:27:46 ----D---- C:\Program Files\Common Files\microsoft shared
2016-08-05 18:27:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-05 18:26:58 ----D---- C:\WINDOWS\registration
2016-08-05 18:26:53 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-05 18:26:21 ----HD---- C:\ProgramData
2016-08-05 18:26:09 ----D---- C:\Program Files\Microsoft Office
2016-08-05 18:26:02 ----D---- C:\Program Files\Adobe
2016-08-05 18:25:57 ----RHD---- C:\MSOCache
2016-08-05 18:25:07 ----SHD---- C:\System Volume Information
2016-08-05 18:20:04 ----D---- C:\ProgramData\Microsoft Help
2016-08-05 13:51:19 ----D---- C:\WINDOWS\CbsTemp
2016-08-05 09:54:00 ----D---- C:\WINDOWS\Logs
2016-08-05 09:45:03 ----D---- C:\WINDOWS\AppReadiness
2016-08-05 09:45:01 ----D---- C:\WINDOWS\SoftwareDistribution
2016-07-28 20:09:57 ----D---- C:\WINDOWS\debug
2016-07-28 20:04:40 ----DC---- C:\WINDOWS\Panther
2016-07-28 20:03:25 ----D---- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2016-07-26 11:31:10 ----D---- C:\WINDOWS\LiveKernelReports
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-25 670056]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2014-08-26 79016]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2014-09-19 41824]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2014-09-19 38720]
R3 dptf_pch;dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [2014-09-19 38208]
R3 dtlitescsibus;@oem40.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-09-15 30264]
R3 esif_lf;esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [2014-09-19 216360]
R3 HidEventFilter;@oem8.inf,%HidEventFilter%;Intel(R) HID Event Filter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [2015-06-06 52240]
R3 ibtusb;@oem25.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-15 266512]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-18 6389688]
R3 IntcADSP;@oem30.inf,%IntcADSP.SvcDesc%;Technologie Intel® Smart Sound; C:\WINDOWS\system32\DRIVERS\IntcADSP.sys [2015-08-04 756024]
R3 iwdbus;@oem0.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-10-17 30512]
R3 MEIx64;@oem19.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverx64.sys [2014-09-30 129312]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-07-10 3496216]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
R3 RTKI2SAC;@oem31.inf,%RTKI2SAC.SvcDesc%;Realtek I2S HW Audio Codec Device Driver; C:\WINDOWS\system32\DRIVERS\RTKI2SAC.sys [2015-08-04 235264]
R3 RTSPER;@oem32.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-05-14 751632]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 iaLPSS_GPIO;@oem33.inf,%iaLPSS_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Driver; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [2014-06-03 35832]
S3 iaLPSS_I2C;@oem21.inf,%iaLPSS_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver; C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys [2014-06-10 120312]
S3 iaLPSS_SPI;@oem28.inf,%iaLPSS_SPI.SVCDESC%;Intel(R) Serial IO SPI Driver; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [2014-06-03 100856]
S3 iaLPSS_UART2;@oem27.inf,%iaLPSS_UART2.SVCDESC%;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [2014-06-03 143864]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-11-24 455440]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 mvusbews;@oem45.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-11-08 19968]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-11 934752]
S3 tap0901;@oem44.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2014-12-17 40664]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-11 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 USBAAPL64;@oem42.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-09-02 77104]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 esifsvc;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2014-09-19 1037568]
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2012-11-08 126856]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-06-25 16232]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-18 351120]
R2 Intel(R) Wake on Voice Setup;Intel(R) Wake on Voice Setup; C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\Intel(R)WakeonVoiceService.exe [2014-09-24 17920]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-09-30 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-09-30 409376]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 RtkI2SCodec;RTK IIS Codec Service; C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe [2015-08-04 167168]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session11;Hostitel synchronizace_Session11; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-18 283024]
S3 dcpm-notify;Dell Command | Power Manager Notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [2015-06-10 85216]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 Dell.CommandPowerManager.Service;Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe [2015-07-10 18784]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04 107848]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session11;Data kontaktů_Session11; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-11 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session11;Úložiště uživatelských dat_Session11; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalení PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení PC
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení PC
Jak jsem psal výše, tohle jsem již jednou provedl předtím, bohužel jsem neuložil první log. Tohle je z toho druhého. Každopádně notebook nyní pracuje lépe.
# AdwCleaner v5.201 - Log vytvořen 06/08/2016 v 17:11:06
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-08-06.1 [Server]
# Operační system : Windows 10 Pro (X64)
# Uživatelské jméno : Admin - DELL
# Spuštěno z : C:\Users\Admin\Downloads\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1751 bytů] - [06/08/2016 12:14:59]
C:\AdwCleaner\AdwCleaner[C2].txt - [831 bytů] - [06/08/2016 17:11:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [1626 bytů] - [06/08/2016 12:13:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [948 bytů] - [06/08/2016 17:10:27]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1048 bytů] ##########
# AdwCleaner v5.201 - Log vytvořen 06/08/2016 v 17:11:06
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-08-06.1 [Server]
# Operační system : Windows 10 Pro (X64)
# Uživatelské jméno : Admin - DELL
# Spuštěno z : C:\Users\Admin\Downloads\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1751 bytů] - [06/08/2016 12:14:59]
C:\AdwCleaner\AdwCleaner[C2].txt - [831 bytů] - [06/08/2016 17:11:06]
C:\AdwCleaner\AdwCleaner[S1].txt - [1626 bytů] - [06/08/2016 12:13:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [948 bytů] - [06/08/2016 17:10:27]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1048 bytů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení PC
Toto je OK a ani z mé strany to není vše. Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení PC
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
Ran by Admin (administrator) on DELL (06-08-2016 17:22:50)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel) C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\Intel(R)WakeonVoiceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\IIS\RtI2SBgProc64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkNGui] => C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe [9420544 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtI2SBgProc] => C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe [2725120 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe [579712 2015-08-04] (Waves Audio Ltd.)
HKLM\...\Run: [CxAgent] => C:\Program Files\Realtek\Audio\AP\CXAPOAgent64.exe [760032 2015-08-04] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-09-30] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\Run: [EasyHideIPVPN] => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {21e5087e-a0de-11e5-826c-340286cfdb35} - "D:\setup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {21e50962-a0de-11e5-826c-340286cfdb35} - "F:\setup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {5a1f91c4-9368-11e5-826c-340286cfdb35} - "D:\SISetup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {ca67fdf4-5b70-11e5-8260-340286cfdb35} - "D:\setup.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{80da292b-9d3d-486b-b427-256248b5f7fa}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-05] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-05] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xg9kqvea.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-30] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-30] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-08-12] (Microsoft Corporation)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.cz/ig","hxxp://www.istartsur ... oogle.com/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-10]
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [85216 2015-06-10] (Dell Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-19] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) Wake on Voice Setup; C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\Intel(R)WakeonVoiceService.exe [17920 2014-09-24] (Intel) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-09-30] (Intel Corporation)
R2 RtkI2SCodec; C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe [167168 2015-08-04] (Realtek Semiconductor)
R2 WavesSysSvc; C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe [515104 2015-08-04] (Waves Audio Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{50DED969-5C9C-4C8F-B087-B037B411E689}
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [41824 2014-09-19] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-19] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-19] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-15] (Disc Soft Ltd)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-19] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [52240 2015-06-06] (Intel Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
S3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-03] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-03] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2015-07-15] (Intel Corporation)
R3 IntcADSP; C:\Windows\system32\DRIVERS\IntcADSP.sys [756024 2015-08-04] (Intel(R) Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 RTKI2SAC; C:\Windows\system32\DRIVERS\RTKI2SAC.sys [235264 2015-08-04] (Realtek Semiconductor Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [31512 2014-08-25] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-06 17:22 - 2016-08-06 17:23 - 00016195 _____ C:\Users\Admin\Desktop\FRST.txt
2016-08-06 17:22 - 2016-08-06 17:22 - 00000000 ____D C:\FRST
2016-08-06 17:21 - 2016-08-06 17:21 - 00029696 _____ C:\Users\Admin\AppData\Local\MSGBOX.EXE
2016-08-06 17:21 - 2016-08-06 17:21 - 00015327 _____ C:\Users\Admin\Desktop\LM.bat
2016-08-06 17:20 - 2016-08-06 17:20 - 02393600 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2016-08-06 17:20 - 2016-08-06 17:20 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2016-08-06 17:19 - 2016-08-06 17:19 - 00016148 _____ C:\WINDOWS\system32\DELL_Admin_HistoryPrediction.bin
2016-08-06 12:28 - 2016-08-06 12:28 - 00000000 ____D C:\Users\Admin\AppData\Local\Disc_Soft_Ltd
2016-08-06 12:18 - 2016-08-06 12:19 - 00000000 ____D C:\rsit
2016-08-06 12:18 - 2016-08-06 12:19 - 00000000 ____D C:\Program Files\trend micro
2016-08-06 12:18 - 2016-08-06 12:18 - 01222144 _____ C:\Users\Admin\Downloads\RSITx64.exe
2016-08-06 12:13 - 2016-08-06 17:11 - 00000000 ____D C:\AdwCleaner
2016-08-06 12:13 - 2016-08-06 12:13 - 03712064 _____ C:\Users\Admin\Downloads\adwcleaner_5.201.exe
2016-08-05 19:00 - 2016-08-05 19:07 - 221812904 _____ (Dell Inc.) C:\Users\Admin\Downloads\9343_Video_Driver_33X2V_WN32_20.19.15.4463_A03.EXE
2016-08-05 18:55 - 2016-08-05 18:55 - 00013560 _____ C:\Users\Admin\Downloads\DellSystemDetectLauncher.Application
2016-08-05 18:34 - 2016-08-05 18:34 - 00003520 _____ C:\WINDOWS\System32\Tasks\{2B548E31-72EF-4D8D-ABD0-324D9FEDDD40}
2016-08-05 12:47 - 2016-08-05 12:47 - 00000000 ____D C:\ProgramData\Citrix
2016-08-05 12:46 - 2016-08-05 12:46 - 00000000 ____D C:\Users\Admin\AppData\Local\Citrix
2016-08-05 12:46 - 2016-08-05 12:46 - 00000000 ____D C:\Program Files (x86)\Citrix
2016-08-05 12:41 - 2016-08-05 12:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\PCDr
2016-08-05 09:45 - 2016-08-05 18:56 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2016-08-05 09:45 - 2016-08-05 09:45 - 00013560 _____ C:\Users\Admin\Downloads\Nepotvrzeno 125782.crdownload
2016-07-28 20:09 - 2016-08-05 18:25 - 00036903 ____H C:\Users\Admin\AppData\Local\IconCache.db.backup
2016-07-28 20:08 - 2016-07-28 20:08 - 84914176 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2016-07-28 20:08 - 2016-07-28 20:08 - 00307200 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2016-07-28 20:08 - 2016-07-28 20:08 - 00069632 _____ C:\WINDOWS\system32\config\SAM.iobit
2016-07-28 20:08 - 2016-07-28 20:08 - 00024576 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2016-07-28 20:03 - 2016-08-05 18:37 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-07-28 20:01 - 2016-08-05 18:27 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\IObit
2016-07-28 20:01 - 2016-08-05 18:27 - 00000000 ____D C:\ProgramData\ProductData
2016-07-28 20:01 - 2016-07-28 20:01 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-07-28 20:01 - 2016-07-28 20:01 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-07-28 20:00 - 2016-08-05 18:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2016-07-28 20:00 - 2016-08-05 18:27 - 00000000 ____D C:\ProgramData\IObit
2016-07-28 20:00 - 2016-08-05 13:21 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-22 09:36 - 2016-07-22 09:36 - 00348376 _____ (Spotify Ltd) C:\Users\Admin\Downloads\SpotifySetup(1).exe
2016-07-22 09:35 - 2016-07-22 09:35 - 00348376 _____ (Spotify Ltd) C:\Users\Admin\Downloads\SpotifySetup.exe
2016-07-18 15:38 - 2016-07-18 15:38 - 00117042 _____ C:\Users\Admin\Downloads\Klientské centrum _ MALL.pdf
2016-07-16 10:46 - 2016-07-16 10:46 - 00123754 _____ C:\Users\Admin\Downloads\Solen_lek-200702-0007.pdf
2016-07-13 09:41 - 2016-07-13 12:38 - 00000000 ____D C:\Users\Admin\Desktop\GALERIE
2016-07-13 09:12 - 2016-06-07 16:30 - 23174393 _____ C:\Users\Admin\Desktop\Jak na perfektní obočí - produkty-fiT5I4nOPnw.mp4
2016-07-13 09:12 - 2016-05-25 09:22 - 05334788 _____ C:\Users\Admin\Desktop\Kristina-Cechova-Top30-kucharka.PDF
2016-07-13 09:11 - 2016-06-18 08:44 - 141034754 _____ C:\Users\Admin\Desktop\Novinky a nákupy květen ode mě z postele --)-3BBEvFLCxhM.mp4
2016-07-13 09:11 - 2016-06-18 08:43 - 61085967 _____ C:\Users\Admin\Desktop\Budu točit česky Tipy jak se naučit anglicky a zadarmo!-IZSVpdqFKjw.mp4
2016-07-13 09:11 - 2016-06-14 09:50 - 166070658 _____ C:\Users\Admin\Desktop\Objevy a přešlapy z dekorativky-Fs6cb5G_8po.mp4
2016-07-13 09:10 - 2016-07-13 12:43 - 00000000 ____D C:\Users\Admin\Desktop\4!!!!
2016-07-13 09:07 - 2016-07-13 09:10 - 00000000 ____D C:\Users\Admin\Desktop\CVIČENÍ
2016-07-13 09:02 - 2016-08-05 18:28 - 00000000 ____D C:\Users\Admin\Desktop\Nová složka
2016-07-12 10:31 - 2016-08-05 18:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-07-10 11:54 - 2016-08-05 18:26 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2016-07-10 11:54 - 2016-07-10 11:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2016-07-10 11:50 - 2016-07-10 11:50 - 00001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-10 11:50 - 2016-07-10 11:50 - 00000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-06 17:15 - 2015-09-11 14:54 - 01765712 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-06 17:15 - 2015-07-10 18:02 - 00747686 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-06 17:15 - 2015-07-10 18:02 - 00150086 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-06 17:15 - 2015-07-10 13:02 - 00000000 ____D C:\WINDOWS\INF
2016-08-06 17:11 - 2015-09-11 14:50 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-06 17:11 - 2015-09-04 14:33 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-06 17:11 - 2015-09-04 10:53 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-08-06 17:11 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-06 17:11 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-06 17:09 - 2015-09-11 14:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-06 17:09 - 2015-09-04 14:30 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6B3F3965-CD38-4CDF-A3AC-1D39D542479D}
2016-08-06 16:35 - 2015-09-04 14:33 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-06 12:28 - 2015-09-15 09:11 - 00000000 ____D C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2016-08-06 12:08 - 2015-09-12 11:18 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-05 18:56 - 2015-09-23 16:05 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-08-05 18:38 - 2015-09-04 14:31 - 00000000 ____D C:\ProgramData\Oracle
2016-08-05 18:37 - 2015-09-04 14:31 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-08-05 18:37 - 2015-09-04 14:31 - 00000000 ____D C:\Users\Admin\.oracle_jre_usage
2016-08-05 18:37 - 2015-09-04 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-05 18:37 - 2015-09-04 14:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-05 18:35 - 2015-09-25 15:30 - 00000000 ____D C:\Program Files\iTunes
2016-08-05 18:35 - 2015-09-25 15:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-05 18:34 - 2016-02-05 17:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\MiniLyrics
2016-08-05 18:34 - 2016-02-05 17:03 - 00000000 ____D C:\Program Files (x86)\MiniLyrics
2016-08-05 18:33 - 2015-09-12 11:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Dropbox
2016-08-05 18:32 - 2015-09-04 14:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-05 18:30 - 2015-09-04 14:33 - 00004028 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-05 18:30 - 2015-09-04 14:33 - 00003796 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-05 18:28 - 2015-12-15 15:27 - 00000000 ____D C:\Program Files\Farming Simulator 15
2016-08-05 18:28 - 2015-09-15 08:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-05 18:28 - 2015-09-11 14:51 - 00000000 ____D C:\Users\Admin
2016-08-05 18:28 - 2015-09-04 14:31 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2016-08-05 18:28 - 2015-09-04 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-05 18:28 - 2015-09-04 12:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-05 18:28 - 2015-09-04 12:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-08-05 18:28 - 2015-07-10 18:05 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-05 18:28 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-05 18:28 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-08-05 18:28 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-08-05 18:28 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-05 18:28 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-08-05 18:27 - 2015-09-17 18:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-05 18:27 - 2015-09-10 15:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IrfanView
2016-08-05 18:27 - 2015-09-03 15:44 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-08-05 18:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-05 18:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-05 18:27 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-05 18:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-05 18:26 - 2015-12-12 16:40 - 00000000 ____D C:\Program Files\Adobe
2016-08-05 18:26 - 2015-09-15 08:05 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-05 18:26 - 2015-09-12 11:27 - 00000000 ___RD C:\Users\Admin\Dropbox
2016-08-05 18:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration
2016-08-05 18:25 - 2015-09-15 08:05 - 00000000 __RHD C:\MSOCache
2016-08-05 13:51 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-05 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-28 20:04 - 2015-09-11 15:47 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-26 11:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
==================== Files in the root of some directories =======
2016-08-06 17:21 - 2016-08-06 17:21 - 0029696 _____ () C:\Users\Admin\AppData\Local\MSGBOX.EXE
Files to move or delete:
====================
C:\Users\Public\VOIP.dat
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1t4hga.dll
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprrvkhp.dll
C:\Users\Admin\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Admin\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Admin\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Admin\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Admin\AppData\Local\Temp\libeay32.dll
C:\Users\Admin\AppData\Local\Temp\msvcr120.dll
C:\Users\Admin\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Admin\AppData\Local\Temp\sfareca00001.dll
C:\Users\Admin\AppData\Local\Temp\sfextra.dll
C:\Users\Admin\AppData\Local\Temp\siinst.exe
C:\Users\Admin\AppData\Local\Temp\SpOrder.dll
C:\Users\Admin\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\strings.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-05 19:05
==================== End of FRST.txt ============================
Ran by Admin (administrator) on DELL (06-08-2016 17:22:50)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel) C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\Intel(R)WakeonVoiceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\IIS\RtI2SBgProc64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkNGui] => C:\Program Files\Realtek\Audio\AP\RtkNGui64.exe [9420544 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtI2SBgProc] => C:\Program Files\Realtek\Audio\AP\RtI2SBgProc64.exe [2725120 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\AP\WavesSvc64.exe [579712 2015-08-04] (Waves Audio Ltd.)
HKLM\...\Run: [CxAgent] => C:\Program Files\Realtek\Audio\AP\CXAPOAgent64.exe [760032 2015-08-04] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-09-30] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\Run: [EasyHideIPVPN] => C:\Program Files (x86)\Easy-Hide-IP VPN\easy.hide.ip.vpn.exe
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {21e5087e-a0de-11e5-826c-340286cfdb35} - "D:\setup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {21e50962-a0de-11e5-826c-340286cfdb35} - "F:\setup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {5a1f91c4-9368-11e5-826c-340286cfdb35} - "D:\SISetup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {ca67fdf4-5b70-11e5-8260-340286cfdb35} - "D:\setup.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{80da292b-9d3d-486b-b427-256248b5f7fa}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-05] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-05] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\xg9kqvea.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-30] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-30] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-08-12] (Microsoft Corporation)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.cz/ig","hxxp://www.istartsur ... oogle.com/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-10]
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [85216 2015-06-10] (Dell Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-19] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) Wake on Voice Setup; C:\Program Files (x86)\Intel\Intel(R) Wake on Voice Setup\Intel(R)WakeonVoiceService.exe [17920 2014-09-24] (Intel) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-09-30] (Intel Corporation)
R2 RtkI2SCodec; C:\Program Files\Realtek\Audio\IIS\RtkI2SAudioService64.exe [167168 2015-08-04] (Realtek Semiconductor)
R2 WavesSysSvc; C:\Program Files\Realtek\Audio\AP\WavesSysSvc64.exe [515104 2015-08-04] (Waves Audio Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{50DED969-5C9C-4C8F-B087-B037B411E689}
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [41824 2014-09-19] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-19] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-19] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-15] (Disc Soft Ltd)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-19] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [52240 2015-06-06] (Intel Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
S3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-10] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-03] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-03] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2015-07-15] (Intel Corporation)
R3 IntcADSP; C:\Windows\system32\DRIVERS\IntcADSP.sys [756024 2015-08-04] (Intel(R) Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 RTKI2SAC; C:\Windows\system32\DRIVERS\RTKI2SAC.sys [235264 2015-08-04] (Realtek Semiconductor Corp.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [31512 2014-08-25] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-06 17:22 - 2016-08-06 17:23 - 00016195 _____ C:\Users\Admin\Desktop\FRST.txt
2016-08-06 17:22 - 2016-08-06 17:22 - 00000000 ____D C:\FRST
2016-08-06 17:21 - 2016-08-06 17:21 - 00029696 _____ C:\Users\Admin\AppData\Local\MSGBOX.EXE
2016-08-06 17:21 - 2016-08-06 17:21 - 00015327 _____ C:\Users\Admin\Desktop\LM.bat
2016-08-06 17:20 - 2016-08-06 17:20 - 02393600 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2016-08-06 17:20 - 2016-08-06 17:20 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2016-08-06 17:19 - 2016-08-06 17:19 - 00016148 _____ C:\WINDOWS\system32\DELL_Admin_HistoryPrediction.bin
2016-08-06 12:28 - 2016-08-06 12:28 - 00000000 ____D C:\Users\Admin\AppData\Local\Disc_Soft_Ltd
2016-08-06 12:18 - 2016-08-06 12:19 - 00000000 ____D C:\rsit
2016-08-06 12:18 - 2016-08-06 12:19 - 00000000 ____D C:\Program Files\trend micro
2016-08-06 12:18 - 2016-08-06 12:18 - 01222144 _____ C:\Users\Admin\Downloads\RSITx64.exe
2016-08-06 12:13 - 2016-08-06 17:11 - 00000000 ____D C:\AdwCleaner
2016-08-06 12:13 - 2016-08-06 12:13 - 03712064 _____ C:\Users\Admin\Downloads\adwcleaner_5.201.exe
2016-08-05 19:00 - 2016-08-05 19:07 - 221812904 _____ (Dell Inc.) C:\Users\Admin\Downloads\9343_Video_Driver_33X2V_WN32_20.19.15.4463_A03.EXE
2016-08-05 18:55 - 2016-08-05 18:55 - 00013560 _____ C:\Users\Admin\Downloads\DellSystemDetectLauncher.Application
2016-08-05 18:34 - 2016-08-05 18:34 - 00003520 _____ C:\WINDOWS\System32\Tasks\{2B548E31-72EF-4D8D-ABD0-324D9FEDDD40}
2016-08-05 12:47 - 2016-08-05 12:47 - 00000000 ____D C:\ProgramData\Citrix
2016-08-05 12:46 - 2016-08-05 12:46 - 00000000 ____D C:\Users\Admin\AppData\Local\Citrix
2016-08-05 12:46 - 2016-08-05 12:46 - 00000000 ____D C:\Program Files (x86)\Citrix
2016-08-05 12:41 - 2016-08-05 12:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\PCDr
2016-08-05 09:45 - 2016-08-05 18:56 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2016-08-05 09:45 - 2016-08-05 09:45 - 00013560 _____ C:\Users\Admin\Downloads\Nepotvrzeno 125782.crdownload
2016-07-28 20:09 - 2016-08-05 18:25 - 00036903 ____H C:\Users\Admin\AppData\Local\IconCache.db.backup
2016-07-28 20:08 - 2016-07-28 20:08 - 84914176 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2016-07-28 20:08 - 2016-07-28 20:08 - 00307200 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2016-07-28 20:08 - 2016-07-28 20:08 - 00069632 _____ C:\WINDOWS\system32\config\SAM.iobit
2016-07-28 20:08 - 2016-07-28 20:08 - 00024576 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2016-07-28 20:03 - 2016-08-05 18:37 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-07-28 20:01 - 2016-08-05 18:27 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\IObit
2016-07-28 20:01 - 2016-08-05 18:27 - 00000000 ____D C:\ProgramData\ProductData
2016-07-28 20:01 - 2016-07-28 20:01 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-07-28 20:01 - 2016-07-28 20:01 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-07-28 20:00 - 2016-08-05 18:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2016-07-28 20:00 - 2016-08-05 18:27 - 00000000 ____D C:\ProgramData\IObit
2016-07-28 20:00 - 2016-08-05 13:21 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-22 09:36 - 2016-07-22 09:36 - 00348376 _____ (Spotify Ltd) C:\Users\Admin\Downloads\SpotifySetup(1).exe
2016-07-22 09:35 - 2016-07-22 09:35 - 00348376 _____ (Spotify Ltd) C:\Users\Admin\Downloads\SpotifySetup.exe
2016-07-18 15:38 - 2016-07-18 15:38 - 00117042 _____ C:\Users\Admin\Downloads\Klientské centrum _ MALL.pdf
2016-07-16 10:46 - 2016-07-16 10:46 - 00123754 _____ C:\Users\Admin\Downloads\Solen_lek-200702-0007.pdf
2016-07-13 09:41 - 2016-07-13 12:38 - 00000000 ____D C:\Users\Admin\Desktop\GALERIE
2016-07-13 09:12 - 2016-06-07 16:30 - 23174393 _____ C:\Users\Admin\Desktop\Jak na perfektní obočí - produkty-fiT5I4nOPnw.mp4
2016-07-13 09:12 - 2016-05-25 09:22 - 05334788 _____ C:\Users\Admin\Desktop\Kristina-Cechova-Top30-kucharka.PDF
2016-07-13 09:11 - 2016-06-18 08:44 - 141034754 _____ C:\Users\Admin\Desktop\Novinky a nákupy květen ode mě z postele --)-3BBEvFLCxhM.mp4
2016-07-13 09:11 - 2016-06-18 08:43 - 61085967 _____ C:\Users\Admin\Desktop\Budu točit česky Tipy jak se naučit anglicky a zadarmo!-IZSVpdqFKjw.mp4
2016-07-13 09:11 - 2016-06-14 09:50 - 166070658 _____ C:\Users\Admin\Desktop\Objevy a přešlapy z dekorativky-Fs6cb5G_8po.mp4
2016-07-13 09:10 - 2016-07-13 12:43 - 00000000 ____D C:\Users\Admin\Desktop\4!!!!
2016-07-13 09:07 - 2016-07-13 09:10 - 00000000 ____D C:\Users\Admin\Desktop\CVIČENÍ
2016-07-13 09:02 - 2016-08-05 18:28 - 00000000 ____D C:\Users\Admin\Desktop\Nová složka
2016-07-12 10:31 - 2016-08-05 18:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-07-10 11:54 - 2016-08-05 18:26 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2016-07-10 11:54 - 2016-07-10 11:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2016-07-10 11:50 - 2016-07-10 11:50 - 00001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-10 11:50 - 2016-07-10 11:50 - 00000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-06 17:15 - 2015-09-11 14:54 - 01765712 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-06 17:15 - 2015-07-10 18:02 - 00747686 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-06 17:15 - 2015-07-10 18:02 - 00150086 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-06 17:15 - 2015-07-10 13:02 - 00000000 ____D C:\WINDOWS\INF
2016-08-06 17:11 - 2015-09-11 14:50 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-06 17:11 - 2015-09-04 14:33 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-06 17:11 - 2015-09-04 10:53 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-08-06 17:11 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-06 17:11 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-06 17:09 - 2015-09-11 14:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-06 17:09 - 2015-09-04 14:30 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6B3F3965-CD38-4CDF-A3AC-1D39D542479D}
2016-08-06 16:35 - 2015-09-04 14:33 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-06 12:28 - 2015-09-15 09:11 - 00000000 ____D C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2016-08-06 12:08 - 2015-09-12 11:18 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-05 18:56 - 2015-09-23 16:05 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-08-05 18:38 - 2015-09-04 14:31 - 00000000 ____D C:\ProgramData\Oracle
2016-08-05 18:37 - 2015-09-04 14:31 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-08-05 18:37 - 2015-09-04 14:31 - 00000000 ____D C:\Users\Admin\.oracle_jre_usage
2016-08-05 18:37 - 2015-09-04 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-05 18:37 - 2015-09-04 14:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-05 18:35 - 2015-09-25 15:30 - 00000000 ____D C:\Program Files\iTunes
2016-08-05 18:35 - 2015-09-25 15:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-05 18:34 - 2016-02-05 17:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\MiniLyrics
2016-08-05 18:34 - 2016-02-05 17:03 - 00000000 ____D C:\Program Files (x86)\MiniLyrics
2016-08-05 18:33 - 2015-09-12 11:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Dropbox
2016-08-05 18:32 - 2015-09-04 14:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-05 18:30 - 2015-09-04 14:33 - 00004028 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-05 18:30 - 2015-09-04 14:33 - 00003796 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-05 18:28 - 2015-12-15 15:27 - 00000000 ____D C:\Program Files\Farming Simulator 15
2016-08-05 18:28 - 2015-09-15 08:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-05 18:28 - 2015-09-11 14:51 - 00000000 ____D C:\Users\Admin
2016-08-05 18:28 - 2015-09-04 14:31 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2016-08-05 18:28 - 2015-09-04 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-05 18:28 - 2015-09-04 12:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-05 18:28 - 2015-09-04 12:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-08-05 18:28 - 2015-07-10 18:05 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-05 18:28 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-05 18:28 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-08-05 18:28 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-08-05 18:28 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-05 18:28 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-08-05 18:27 - 2015-09-17 18:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-05 18:27 - 2015-09-10 15:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IrfanView
2016-08-05 18:27 - 2015-09-03 15:44 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-08-05 18:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-05 18:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-05 18:27 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-05 18:27 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-05 18:26 - 2015-12-12 16:40 - 00000000 ____D C:\Program Files\Adobe
2016-08-05 18:26 - 2015-09-15 08:05 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-05 18:26 - 2015-09-12 11:27 - 00000000 ___RD C:\Users\Admin\Dropbox
2016-08-05 18:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration
2016-08-05 18:25 - 2015-09-15 08:05 - 00000000 __RHD C:\MSOCache
2016-08-05 13:51 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-05 09:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-28 20:04 - 2015-09-11 15:47 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-26 11:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
==================== Files in the root of some directories =======
2016-08-06 17:21 - 2016-08-06 17:21 - 0029696 _____ () C:\Users\Admin\AppData\Local\MSGBOX.EXE
Files to move or delete:
====================
C:\Users\Public\VOIP.dat
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1t4hga.dll
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprrvkhp.dll
C:\Users\Admin\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Admin\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Admin\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Admin\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Admin\AppData\Local\Temp\libeay32.dll
C:\Users\Admin\AppData\Local\Temp\msvcr120.dll
C:\Users\Admin\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Admin\AppData\Local\Temp\sfareca00001.dll
C:\Users\Admin\AppData\Local\Temp\sfextra.dll
C:\Users\Admin\AppData\Local\Temp\siinst.exe
C:\Users\Admin\AppData\Local\Temp\SpOrder.dll
C:\Users\Admin\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\strings.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-05 19:05
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.zip
- (7.92 KiB) Staženo 75 x
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení PC
Otevřte poznámkový blok a zkopírujte do něj:
Doporučuji odinstalovat AdvancedSystemCare. Tento čistič vidí problémy i tam, kde nejsou a laik si jím snadno může poškodit systém.
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {21e5087e-a0de-11e5-826c-340286cfdb35} - "D:\setup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {21e50962-a0de-11e5-826c-340286cfdb35} - "F:\setup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {5a1f91c4-9368-11e5-826c-340286cfdb35} - "D:\SISetup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {ca67fdf4-5b70-11e5-8260-340286cfdb35} - "D:\setup.exe"
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Public\VOIP.dat
C:\Users\Admin\AppData\Local\Temp
Task: {1522897A-4613-4050-B7B6-9BA732D6E4BE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {24EC1271-3F35-4B84-9CDE-92F73C623D8D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {393B6340-8A70-4F04-BDE4-B7831FDB6ED2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {43C42443-6A55-4BC5-88C5-205D4DD6BBC5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4D3B867B-D0FC-4D47-8B71-C97C8AE0A504} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {761A3F6A-4449-42F0-94CE-A7AE4D3E0A94} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {77E3092E-9D55-4A84-A1A7-E292CBDDCA8B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {91F70C68-9EE0-49B4-A63B-B823DDC30FA6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {97009559-EA58-410E-83AE-E6A958CAB312} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D75405F3-CFA0-4A09-87F5-362C30D2D035} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FAAE57E7-B7B2-4CA2-86CF-69A26E37BB1E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
End
Doporučuji odinstalovat AdvancedSystemCare. Tento čistič vidí problémy i tam, kde nejsou a laik si jím snadno může poškodit systém.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení PC
Log níže, Advanced system care jsem odinstaloval již dříve, ale nejdřív jsem provedl obnovení systemu do data než to začalo dělat a nyní mě to asi někde visí, i přes to, že v programech(ovládacích panelech) ani v program files již tenhle program není.
Fix result of Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Ran by Admin (2016-08-06 20:22:03) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {21e5087e-a0de-11e5-826c-340286cfdb35} - "D:\setup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {21e50962-a0de-11e5-826c-340286cfdb35} - "F:\setup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {5a1f91c4-9368-11e5-826c-340286cfdb35} - "D:\SISetup.exe"
HKU\S-1-5-21-4191368967-4216378553-406102012-1001\...\MountPoints2: {ca67fdf4-5b70-11e5-8260-340286cfdb35} - "D:\setup.exe"
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Public\VOIP.dat
C:\Users\Admin\AppData\Local\Temp
Task: {1522897A-4613-4050-B7B6-9BA732D6E4BE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {24EC1271-3F35-4B84-9CDE-92F73C623D8D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {393B6340-8A70-4F04-BDE4-B7831FDB6ED2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {43C42443-6A55-4BC5-88C5-205D4DD6BBC5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4D3B867B-D0FC-4D47-8B71-C97C8AE0A504} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {761A3F6A-4449-42F0-94CE-A7AE4D3E0A94} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {77E3092E-9D55-4A84-A1A7-E292CBDDCA8B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {91F70C68-9EE0-49B4-A63B-B823DDC30FA6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {97009559-EA58-410E-83AE-E6A958CAB312} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D75405F3-CFA0-4A09-87F5-362C30D2D035} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FAAE57E7-B7B2-4CA2-86CF-69A26E37BB1E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-4191368967-4216378553-406102012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21e5087e-a0de-11e5-826c-340286cfdb35}" => key removed successfully
HKCR\CLSID\{21e5087e-a0de-11e5-826c-340286cfdb35} => key not found.
"HKU\S-1-5-21-4191368967-4216378553-406102012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21e50962-a0de-11e5-826c-340286cfdb35}" => key removed successfully
HKCR\CLSID\{21e50962-a0de-11e5-826c-340286cfdb35} => key not found.
"HKU\S-1-5-21-4191368967-4216378553-406102012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a1f91c4-9368-11e5-826c-340286cfdb35}" => key removed successfully
HKCR\CLSID\{5a1f91c4-9368-11e5-826c-340286cfdb35} => key not found.
"HKU\S-1-5-21-4191368967-4216378553-406102012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca67fdf4-5b70-11e5-8260-340286cfdb35}" => key removed successfully
HKCR\CLSID\{ca67fdf4-5b70-11e5-8260-340286cfdb35} => key not found.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Public\VOIP.dat => moved successfully
"C:\Users\Admin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Admin\AppData\Local\Temp" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1522897A-4613-4050-B7B6-9BA732D6E4BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1522897A-4613-4050-B7B6-9BA732D6E4BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24EC1271-3F35-4B84-9CDE-92F73C623D8D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24EC1271-3F35-4B84-9CDE-92F73C623D8D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{393B6340-8A70-4F04-BDE4-B7831FDB6ED2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{393B6340-8A70-4F04-BDE4-B7831FDB6ED2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43C42443-6A55-4BC5-88C5-205D4DD6BBC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43C42443-6A55-4BC5-88C5-205D4DD6BBC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D3B867B-D0FC-4D47-8B71-C97C8AE0A504}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D3B867B-D0FC-4D47-8B71-C97C8AE0A504}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{761A3F6A-4449-42F0-94CE-A7AE4D3E0A94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{761A3F6A-4449-42F0-94CE-A7AE4D3E0A94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{77E3092E-9D55-4A84-A1A7-E292CBDDCA8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77E3092E-9D55-4A84-A1A7-E292CBDDCA8B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{91F70C68-9EE0-49B4-A63B-B823DDC30FA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91F70C68-9EE0-49B4-A63B-B823DDC30FA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97009559-EA58-410E-83AE-E6A958CAB312}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97009559-EA58-410E-83AE-E6A958CAB312}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D75405F3-CFA0-4A09-87F5-362C30D2D035}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D75405F3-CFA0-4A09-87F5-362C30D2D035}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAAE57E7-B7B2-4CA2-86CF-69A26E37BB1E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAAE57E7-B7B2-4CA2-86CF-69A26E37BB1E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-08-06 20:23:02)
C:\Users\Admin\AppData\Local\Temp => moved successfully
==== End of Fixlog 20:23:02 ====
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení PC
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení PC
Mě upřímně největší změna nastala po tom prvním fixu ADWcleaneru, ale nyní se to ještě asi doladilo.
Každopádně děkuji za pomoc. Pošlu 100,- na účet za tipy a vyřešení
Každopádně děkuji za pomoc. Pošlu 100,- na účet za tipy a vyřešení
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení PC
Nemáte zač a za příspěvek děkujeme! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?