
PC malware removal, computer speed-up, and remote help through the neslape.cz service
Slow PC
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
a while ago I solved a problem with my XPS here and sent a donation afterwards. Now my mother-in-law has given me a one-year-old HP, saying she wants a photo and PDF viewer installed on it, but it is so slow that it can't be done. Is it simply a low-end PC, or is it some adware? She says she doesn't use it at all.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendulka at 2016-10-09 16:55:19
Microsoft Windows 8.1
System drive C: has 883 GB (95%) free of 931 GB
Total RAM: 8113 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:55:31, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vendulka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee Boot Delay Start Service (mcbootdelaystartsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11106 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 117218657136
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {ce0053fb-72c2-44d6-a731791ba9e37ef0}
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Windows\system32\mfevtps.exe" -mms
"C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" -mms
"C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-58abc836-761d-4dda-9728-80e59d98c738 -SystemEventPortName:HostProcess-5db03d05-9452-4832-8e51-b676117ebbd8 -IoCancelEventPortName:HostProcess-c0aba550-8888-4318-977f-fca6f609bd3d -NonStateChangingEventPortName:HostProcess-0f8327fe-743b-447c-ae03-c246e964e1a5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fdc5bd6b-4cff-4c6c-ba8c-0dbca72dec0d -DeviceGroupId:
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
C:\Windows\Explorer.EXE
"c:\PROGRA~1\mcafee\vul\mcvulctr.exe" -Embedding
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /actionsPending
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3932123d-3d93-4f5c-b189-10b6855ba794 -SystemEventPortName:HostProcess-bb83d283-9b11-4ae4-a77e-de169b249f0d -IoCancelEventPortName:HostProcess-c60022ff-5c5c-44fb-b62a-8b4530e281c8 -NonStateChangingEventPortName:HostProcess-7b5b1b91-c52f-4517-9d2e-926d04da1d9d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:06174fc3-3153-4f16-857d-6c2b588cbfd0 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Vendulka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x13c
wmiadap.exe /R /T
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Opera\launcher.exe" --scheduledautoupdate $(Arg0)
taskhost.exe $(Arg0)
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cc094b56-7512-4c57-9421-56963dbb77f8 -SystemEventPortName:HostProcess-efc8fc1a-0961-4352-b511-313719aa23c0 -IoCancelEventPortName:HostProcess-d4eee1c9-ab22-49bf-a2a2-8e413f372748 -NonStateChangingEventPortName:HostProcess-411eca13-44ca-4c3d-93f3-b58027726470 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b516ae72-d079-4afb-8891-d84509565d0e -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\dxdiag.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\msfeedssync.exe sync
C:\Windows\System32\wsqmcons.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe" /send
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Opera\40.0.2308.81\opera_autoupdate.exe" --host --pipeid=oauc_task_pipee59e7323ed1cebd78082538c8b9cbe70 --version=40.0.2308.81 --lang=cs --producttype --requesttype=automatic --downloaddir="C:\Windows\TEMP\opera autoupdate" --operadir="C:\Program Files (x86)\Opera\40.0.2308.81" --installdir="C:\Program Files (x86)\Opera" --profile="C:\Windows\TEMP\opera autoupdate" --nometrics --scheduledtask
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Vendulka\Downloads\RSITx64.exe"
"C:\Program Files\Internet Explorer\IELowutil.exe" -PID:123
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVendulka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVendulka (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\Vendulka\AppData\Roaming\Mozilla\Firefox\Profiles\nylx5yoa.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"isa"=C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 16:55:20 ----D---- C:\Program Files\trend micro
2016-10-09 16:55:19 ----D---- C:\rsit
2016-10-08 10:03:03 ----D---- C:\Users\Vendulka\AppData\Roaming\MysteryTag
2016-10-08 10:00:52 ----D---- C:\Spidla
2016-09-20 15:37:12 ----D---- C:\Program Files (x86)\Google
2016-09-20 15:11:59 ----A---- C:\Windows\system32\sppsvc.exe
2016-09-20 15:11:56 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-09-20 15:11:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-09-20 15:11:52 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-20 15:11:52 ----A---- C:\Windows\system32\consent.exe
2016-09-20 15:11:51 ----A---- C:\Windows\system32\msi.dll
2016-09-20 15:11:51 ----A---- C:\Windows\system32\appinfo.dll
2016-09-20 15:11:49 ----A---- C:\Windows\system32\shell32.dll
2016-09-20 15:11:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-09-20 15:11:46 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-20 15:11:46 ----A---- C:\Windows\system32\authui.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\sppobjs.dll
2016-09-20 15:11:44 ----A---- C:\Windows\system32\glcndFilter.dll
2016-09-20 15:11:43 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\twinui.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-20 15:11:43 ----A---- C:\Windows\system32\drivers\cng.sys
2016-09-20 15:11:43 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-09-20 15:11:42 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-20 15:11:41 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\crypt32.dll
2016-09-20 15:11:40 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-20 15:11:40 ----A---- C:\Windows\system32\certcli.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-20 15:11:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-09-20 15:11:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-09-20 15:11:39 ----A---- C:\Windows\system32\CertEnroll.dll
2016-09-20 15:11:38 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\winhttp.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\sppwinob.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\rdpcorets.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\rpcss.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\ole32.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\kerberos.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-09-20 15:11:35 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\wuapi.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\webio.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\wucltux.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\tpmvsc.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\netlogon.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\MPSSVC.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\schannel.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\rdpcore.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\storport.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\certutil.exe
2016-09-20 15:11:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-20 15:11:32 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-09-20 15:11:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\stornvme.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\mup.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\hidusb.sys
2016-09-20 15:11:30 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-09-20 15:11:30 ----A---- C:\Windows\system32\gpresult.exe
2016-09-20 15:11:30 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-09-20 15:11:29 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-09-20 15:11:29 ----A---- C:\Windows\system32\LocationApi.dll
2016-09-20 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2016-09-20 15:11:28 ----A---- C:\Windows\system32\cryptxml.dll
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\WebClnt.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\msiexec.exe
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-09-20 15:11:25 ----A---- C:\Windows\system32\wfapigp.dll
2016-09-20 15:11:25 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\hbaapi.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\fveapi.dll
2016-09-20 15:11:22 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-09-20 15:11:22 ----A---- C:\Windows\system32\bdesvc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxp.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxm.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\fvecpl.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-09-20 15:11:21 ----A---- C:\Windows\system32\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\adhsvc.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-09-20 14:44:46 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-09-20 14:44:46 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmfd.dll
2016-09-20 14:40:52 ----A---- C:\Windows\system32\poqexec.exe
2016-09-20 14:40:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-09-20 14:40:40 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-09-20 14:40:40 ----A---- C:\Windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-10-09 16:55:20 ----RD---- C:\Program Files
2016-10-09 16:55:06 ----D---- C:\Windows\Temp
2016-10-09 16:54:47 ----D---- C:\Windows\Prefetch
2016-10-09 16:51:54 ----D---- C:\Windows\Microsoft.NET
2016-10-09 16:51:51 ----D---- C:\Windows\system32\sru
2016-10-08 10:31:12 ----D---- C:\Windows\system32\config
2016-10-08 09:54:34 ----D---- C:\Windows\WinSxS
2016-10-08 09:53:22 ----RD---- C:\Windows\System32
2016-10-08 09:53:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-08 09:53:22 ----D---- C:\Windows\SysWOW64
2016-10-08 09:53:22 ----D---- C:\Windows\system32\cs-CZ
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnsvr.exe
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhupnp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhpast.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnet.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnathlp.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2016-10-08 09:53:15 ----D---- C:\Windows\CbsTemp
2016-10-08 09:47:10 ----SHD---- C:\System Volume Information
2016-10-08 09:03:03 ----SD---- C:\Users\Vendulka\AppData\Roaming\Microsoft
2016-10-08 09:03:02 ----D---- C:\Windows\Tasks
2016-10-08 09:03:02 ----D---- C:\Windows\system32\Tasks
2016-10-08 09:01:36 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-10-05 13:35:05 ----D---- C:\Windows\Inf
2016-10-05 13:31:54 ----D---- C:\Program Files (x86)\Opera
2016-09-20 18:06:24 ----HD---- C:\Program Files\WindowsApps
2016-09-20 18:06:23 ----D---- C:\Windows\AppReadiness
2016-09-20 17:34:32 ----D---- C:\Windows\system32\catroot2
2016-09-20 16:11:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-20 16:08:43 ----D---- C:\ProgramData\McAfee
2016-09-20 15:51:52 ----D---- C:\Program Files\Windows Journal
2016-09-20 15:51:51 ----RD---- C:\Windows\ToastData
2016-09-20 15:51:51 ----D---- C:\Windows\system32\drivers
2016-09-20 15:51:51 ----D---- C:\Windows\system32\CodeIntegrity
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\wbem
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\migration
2016-09-20 15:51:35 ----D---- C:\Windows\system32\wbem
2016-09-20 15:51:35 ----D---- C:\Windows\system32\migration
2016-09-20 15:51:32 ----D---- C:\Windows\apppatch
2016-09-20 15:51:28 ----D---- C:\Windows\system32\DriverStore
2016-09-20 15:48:15 ----SHD---- C:\Windows\Installer
2016-09-20 15:44:33 ----D---- C:\Windows\system32\MRT
2016-09-20 15:44:12 ----AC---- C:\Windows\system32\MRT.exe
2016-09-20 15:43:55 ----RD---- C:\Program Files (x86)
2016-09-20 15:36:55 ----D---- C:\Windows\system32\Macromed
2016-09-20 15:36:51 ----D---- C:\Windows\SYSWOW64\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2015-11-25 846080]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2015-11-25 245096]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R3 bcbtums;@oem17.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem14.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-08-31 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2015-11-25 79248]
R3 clwvd;@oem23.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_acpi;dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [2015-04-02 45648]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-04-02 41552]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-04-02 243792]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2015-03-31 4515768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-03-31 460048]
R3 iusb3adp;@oem9.inf,%iusb3adp.SvcDesc%;Adaptivní ovladač hostitelského řadiče Intel(R) USB 3.0; C:\Windows\System32\drivers\iusb3adp.sys [2015-03-27 23824]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 mfeaack;McAfee Inc. mfeaack; C:\Windows\system32\drivers\mfeaack.sys [2015-11-25 419624]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2015-11-25 351144]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2015-11-25 496368]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2015-11-20 539496]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem19.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 TXEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-11-24 114976]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-11-25 83096]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem18.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem18.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2015-05-19 207208]
S3 intaud_WaveExtensible;@oem12.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2015-11-20 109480]
S3 RSUSBSTOR;@oem16.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;@oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-04-02 1332184]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-03-31 342728]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2014-12-10 172320]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2016-01-08 863448]
R2 mcbootdelaystartsvc;McAfee Boot Delay Start Service; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [2015-12-02 1694152]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2016-01-21 380896]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2015-11-18 275368]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2015-12-14 902112]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2016-05-16 465088]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
R3 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2015-11-18 234192]
S2 BcmBtRSupport;@oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-02-18 7680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-20 270016]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-03-31 277704]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2014-10-03 881152]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2014-03-12 332528]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2016-01-08 681680]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-22 146888]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
-----------------EOF-----------------
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {ce0053fb-72c2-44d6-a731791ba9e37ef0}
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Windows\system32\mfevtps.exe" -mms
"C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" -mms
"C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe" /McCoreSvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-58abc836-761d-4dda-9728-80e59d98c738 -SystemEventPortName:HostProcess-5db03d05-9452-4832-8e51-b676117ebbd8 -IoCancelEventPortName:HostProcess-c0aba550-8888-4318-977f-fca6f609bd3d -NonStateChangingEventPortName:HostProcess-0f8327fe-743b-447c-ae03-c246e964e1a5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fdc5bd6b-4cff-4c6c-ba8c-0dbca72dec0d -DeviceGroupId:
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
C:\Windows\Explorer.EXE
"c:\PROGRA~1\mcafee\vul\mcvulctr.exe" -Embedding
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /actionsPending
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3932123d-3d93-4f5c-b189-10b6855ba794 -SystemEventPortName:HostProcess-bb83d283-9b11-4ae4-a77e-de169b249f0d -IoCancelEventPortName:HostProcess-c60022ff-5c5c-44fb-b62a-8b4530e281c8 -NonStateChangingEventPortName:HostProcess-7b5b1b91-c52f-4517-9d2e-926d04da1d9d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:06174fc3-3153-4f16-857d-6c2b588cbfd0 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Vendulka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x13c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4136.0.1960207919\219666113" --mojo-application-channel-token=744A26B1CCFC6981BABC3B6FD265713B --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-
Uniformity-Trial-1-Percent/group_15/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x22b1 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4175 --gpu-driver-date=3-19-2015 --mojo-platform-channel-handle=1124 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteEvaluatorGroup/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_15/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial
-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=05C1954BD47A7B11EA42E16E3F8FE544 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=564C28D38378247B9BF730D175F8320A --mojo-application-channel-token=05C1954BD47A7B11EA42E16E3F8FE544 --channel="4136.9.1607284162\937236161" --mojo-platform-channel-handle=3644 /prefetch:1
wmiadap.exe /R /T
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Opera\launcher.exe" --scheduledautoupdate $(Arg0)
taskhost.exe $(Arg0)
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-cc094b56-7512-4c57-9421-56963dbb77f8 -SystemEventPortName:HostProcess-efc8fc1a-0961-4352-b511-313719aa23c0 -IoCancelEventPortName:HostProcess-d4eee1c9-ab22-49bf-a2a2-8e413f372748 -NonStateChangingEventPortName:HostProcess-411eca13-44ca-4c3d-93f3-b58027726470 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b516ae72-d079-4afb-8891-d84509565d0e -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\dxdiag.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\msfeedssync.exe sync
C:\Windows\System32\wsqmcons.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe" /send
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Opera\40.0.2308.81\opera_autoupdate.exe" --host --pipeid=oauc_task_pipee59e7323ed1cebd78082538c8b9cbe70 --version=40.0.2308.81 --lang=cs --producttype --requesttype=automatic --downloaddir="C:\Windows\TEMP\opera autoupdate" --operadir="C:\Program Files (x86)\Opera\40.0.2308.81" --installdir="C:\Program Files (x86)\Opera" --profile="C:\Windows\TEMP\opera autoupdate" --nometrics --scheduledtask
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Vendulka\Downloads\RSITx64.exe"
"C:\Program Files\Internet Explorer\IELowutil.exe" -PID:123
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVendulka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVendulka (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\Vendulka\AppData\Roaming\Mozilla\Firefox\Profiles\nylx5yoa.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"isa"=C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 16:55:20 ----D---- C:\Program Files\trend micro
2016-10-09 16:55:19 ----D---- C:\rsit
2016-10-08 10:03:03 ----D---- C:\Users\Vendulka\AppData\Roaming\MysteryTag
2016-10-08 10:00:52 ----D---- C:\Spidla
2016-09-20 15:37:12 ----D---- C:\Program Files (x86)\Google
2016-09-20 15:11:59 ----A---- C:\Windows\system32\sppsvc.exe
2016-09-20 15:11:56 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-09-20 15:11:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-09-20 15:11:52 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-20 15:11:52 ----A---- C:\Windows\system32\consent.exe
2016-09-20 15:11:51 ----A---- C:\Windows\system32\msi.dll
2016-09-20 15:11:51 ----A---- C:\Windows\system32\appinfo.dll
2016-09-20 15:11:49 ----A---- C:\Windows\system32\shell32.dll
2016-09-20 15:11:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-09-20 15:11:46 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-20 15:11:46 ----A---- C:\Windows\system32\authui.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\sppobjs.dll
2016-09-20 15:11:44 ----A---- C:\Windows\system32\glcndFilter.dll
2016-09-20 15:11:43 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\twinui.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-20 15:11:43 ----A---- C:\Windows\system32\drivers\cng.sys
2016-09-20 15:11:43 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-09-20 15:11:42 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-20 15:11:41 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\crypt32.dll
2016-09-20 15:11:40 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-20 15:11:40 ----A---- C:\Windows\system32\certcli.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-20 15:11:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-09-20 15:11:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-09-20 15:11:39 ----A---- C:\Windows\system32\CertEnroll.dll
2016-09-20 15:11:38 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\winhttp.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\sppwinob.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\rdpcorets.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\rpcss.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\ole32.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\kerberos.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-09-20 15:11:35 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\wuapi.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\webio.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\wucltux.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\tpmvsc.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\netlogon.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\MPSSVC.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\schannel.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\rdpcore.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\storport.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\certutil.exe
2016-09-20 15:11:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-20 15:11:32 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-09-20 15:11:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\stornvme.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\mup.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\hidusb.sys
2016-09-20 15:11:30 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-09-20 15:11:30 ----A---- C:\Windows\system32\gpresult.exe
2016-09-20 15:11:30 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-09-20 15:11:29 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-09-20 15:11:29 ----A---- C:\Windows\system32\LocationApi.dll
2016-09-20 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2016-09-20 15:11:28 ----A---- C:\Windows\system32\cryptxml.dll
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\WebClnt.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\msiexec.exe
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-09-20 15:11:25 ----A---- C:\Windows\system32\wfapigp.dll
2016-09-20 15:11:25 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\hbaapi.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\fveapi.dll
2016-09-20 15:11:22 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-09-20 15:11:22 ----A---- C:\Windows\system32\bdesvc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxp.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxm.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\fvecpl.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-09-20 15:11:21 ----A---- C:\Windows\system32\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\adhsvc.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-09-20 14:44:46 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-09-20 14:44:46 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmfd.dll
2016-09-20 14:40:52 ----A---- C:\Windows\system32\poqexec.exe
2016-09-20 14:40:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-09-20 14:40:40 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-09-20 14:40:40 ----A---- C:\Windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-10-09 16:55:20 ----RD---- C:\Program Files
2016-10-09 16:55:06 ----D---- C:\Windows\Temp
2016-10-09 16:54:47 ----D---- C:\Windows\Prefetch
2016-10-09 16:51:54 ----D---- C:\Windows\Microsoft.NET
2016-10-09 16:51:51 ----D---- C:\Windows\system32\sru
2016-10-08 10:31:12 ----D---- C:\Windows\system32\config
2016-10-08 09:54:34 ----D---- C:\Windows\WinSxS
2016-10-08 09:53:22 ----RD---- C:\Windows\System32
2016-10-08 09:53:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-08 09:53:22 ----D---- C:\Windows\SysWOW64
2016-10-08 09:53:22 ----D---- C:\Windows\system32\cs-CZ
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnsvr.exe
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhupnp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhpast.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnet.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnathlp.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2016-10-08 09:53:15 ----D---- C:\Windows\CbsTemp
2016-10-08 09:47:10 ----SHD---- C:\System Volume Information
2016-10-08 09:03:03 ----SD---- C:\Users\Vendulka\AppData\Roaming\Microsoft
2016-10-08 09:03:02 ----D---- C:\Windows\Tasks
2016-10-08 09:03:02 ----D---- C:\Windows\system32\Tasks
2016-10-08 09:01:36 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-10-05 13:35:05 ----D---- C:\Windows\Inf
2016-10-05 13:31:54 ----D---- C:\Program Files (x86)\Opera
2016-09-20 18:06:24 ----HD---- C:\Program Files\WindowsApps
2016-09-20 18:06:23 ----D---- C:\Windows\AppReadiness
2016-09-20 17:34:32 ----D---- C:\Windows\system32\catroot2
2016-09-20 16:11:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-20 16:08:43 ----D---- C:\ProgramData\McAfee
2016-09-20 15:51:52 ----D---- C:\Program Files\Windows Journal
2016-09-20 15:51:51 ----RD---- C:\Windows\ToastData
2016-09-20 15:51:51 ----D---- C:\Windows\system32\drivers
2016-09-20 15:51:51 ----D---- C:\Windows\system32\CodeIntegrity
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\wbem
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\migration
2016-09-20 15:51:35 ----D---- C:\Windows\system32\wbem
2016-09-20 15:51:35 ----D---- C:\Windows\system32\migration
2016-09-20 15:51:32 ----D---- C:\Windows\apppatch
2016-09-20 15:51:28 ----D---- C:\Windows\system32\DriverStore
2016-09-20 15:48:15 ----SHD---- C:\Windows\Installer
2016-09-20 15:44:33 ----D---- C:\Windows\system32\MRT
2016-09-20 15:44:12 ----AC---- C:\Windows\system32\MRT.exe
2016-09-20 15:43:55 ----RD---- C:\Program Files (x86)
2016-09-20 15:36:55 ----D---- C:\Windows\system32\Macromed
2016-09-20 15:36:51 ----D---- C:\Windows\SYSWOW64\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2015-11-25 846080]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2015-11-25 245096]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R3 bcbtums;@oem17.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem14.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-08-31 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2015-11-25 79248]
R3 clwvd;@oem23.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_acpi;dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [2015-04-02 45648]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-04-02 41552]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-04-02 243792]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2015-03-31 4515768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-03-31 460048]
R3 iusb3adp;@oem9.inf,%iusb3adp.SvcDesc%;Adaptivní ovladač hostitelského řadiče Intel(R) USB 3.0; C:\Windows\System32\drivers\iusb3adp.sys [2015-03-27 23824]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 mfeaack;McAfee Inc. mfeaack; C:\Windows\system32\drivers\mfeaack.sys [2015-11-25 419624]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2015-11-25 351144]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2015-11-25 496368]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2015-11-20 539496]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem19.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 TXEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-11-24 114976]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-11-25 83096]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem18.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem18.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2015-05-19 207208]
S3 intaud_WaveExtensible;@oem12.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2015-11-20 109480]
S3 RSUSBSTOR;@oem16.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;@oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-04-02 1332184]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-03-31 342728]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2014-12-10 172320]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2016-01-08 863448]
R2 mcbootdelaystartsvc;McAfee Boot Delay Start Service; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [2015-12-02 1694152]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2016-01-21 380896]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2015-11-18 275368]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2015-12-14 902112]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2016-05-16 465088]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
R3 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2015-11-18 234192]
S2 BcmBtRSupport;@oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-02-18 7680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-20 270016]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-03-31 277704]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2014-10-03 881152]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2014-03-12 332528]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2016-01-08 681680]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-22 146888]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2016-01-03 453520]
-----------------EOF-----------------
Re: Slow PC
Also, I tried running AdwCleaner and it found no threats.
- Rudy
- Site Admin
- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow PC
Hello!
There are 2 antivirus programs on the PC: Avast and McAfee. Uninstall one of them. Then post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow PC
Ah, my mistake, McAfee has been uninstalled.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendulka at 2016-10-09 19:24:53
Microsoft Windows 8.1
System drive C: has 886 GB (95%) free of 931 GB
Total RAM: 8113 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:57, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vendulka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9002 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 1033203053984
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\esif_uf.exe
dashost.exe {0309c0d2-3813-4d7f-ad8542f52e0f6558}
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fe15e042-0aef-4f4a-9956-70f891f41168 -SystemEventPortName:HostProcess-c0953cf4-426c-44cb-8a69-eb2c30a49e03 -IoCancelEventPortName:HostProcess-8dcb18f2-96fd-4fe2-be61-8ea36ea6b42e -NonStateChangingEventPortName:HostProcess-4eac78ae-4011-465b-8ff5-b5c5d6faf4ca -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c761d034-7476-48e1-a2c9-b95ad002a4b1 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Vendulka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x13c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2692.0.1723843420\1973842365" --mojo-application-channel-token=691A2A03053783F11AF7785192915F01 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/
normal/*UMA-Uniformity-Trial-1-Percent/group_15/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x22b1 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4175 --gpu-driver-date=3-19-2015 --mojo-platform-channel-handle=1104 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Defender\MSASCui.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_15/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uni
formity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=AC25BDD1C733D5263DD64A781EBB70E2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=654DB755A06E49791233A95C84A26E15 --mojo-application-channel-token=AC25BDD1C733D5263DD64A781EBB70E2 --channel="2692.6.1350241935\10383242" --mojo-platform-channel-handle=2884 /prefetch:1
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-de5d8675-fa36-4540-8883-bd9d3ec0afd2 -SystemEventPortName:HostProcess-aedc4f0f-c1df-4f66-a231-138caaa46943 -IoCancelEventPortName:HostProcess-b8d8e130-f96f-437b-b1aa-2abff9541749 -NonStateChangingEventPortName:HostProcess-78c15ad1-0ec0-48e9-a33d-e1a79f0a9be4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:edf29b98-bb97-4060-910f-1295d8a409f8 -DeviceGroupId:WudfDefaultDevicePool
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
taskhost.exe $(Arg0)
"C:\Users\Vendulka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVendulka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVendulka (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"isa"=C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 17:21:25 ----SHD---- C:\Config.Msi
2016-10-09 17:11:01 ----D---- C:\Users\Vendulka\AppData\Roaming\IrfanView
2016-10-09 17:10:56 ----D---- C:\Program Files\IrfanView
2016-10-09 16:57:10 ----D---- C:\AdwCleaner
2016-10-09 16:55:20 ----D---- C:\Program Files\trend micro
2016-10-09 16:55:19 ----D---- C:\rsit
2016-10-08 10:03:03 ----D---- C:\Users\Vendulka\AppData\Roaming\MysteryTag
2016-10-08 10:00:52 ----D---- C:\Spidla
2016-09-20 15:37:12 ----D---- C:\Program Files (x86)\Google
2016-09-20 15:11:59 ----A---- C:\Windows\system32\sppsvc.exe
2016-09-20 15:11:56 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-09-20 15:11:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-09-20 15:11:52 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-20 15:11:52 ----A---- C:\Windows\system32\consent.exe
2016-09-20 15:11:51 ----A---- C:\Windows\system32\msi.dll
2016-09-20 15:11:51 ----A---- C:\Windows\system32\appinfo.dll
2016-09-20 15:11:49 ----A---- C:\Windows\system32\shell32.dll
2016-09-20 15:11:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-09-20 15:11:46 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-20 15:11:46 ----A---- C:\Windows\system32\authui.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\sppobjs.dll
2016-09-20 15:11:44 ----A---- C:\Windows\system32\glcndFilter.dll
2016-09-20 15:11:43 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\twinui.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-20 15:11:43 ----A---- C:\Windows\system32\drivers\cng.sys
2016-09-20 15:11:43 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-09-20 15:11:42 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-20 15:11:41 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\crypt32.dll
2016-09-20 15:11:40 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-20 15:11:40 ----A---- C:\Windows\system32\certcli.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-20 15:11:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-09-20 15:11:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-09-20 15:11:39 ----A---- C:\Windows\system32\CertEnroll.dll
2016-09-20 15:11:38 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\winhttp.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\sppwinob.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\rdpcorets.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\rpcss.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\ole32.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\kerberos.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-09-20 15:11:35 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\wuapi.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\webio.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\wucltux.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\tpmvsc.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\netlogon.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\MPSSVC.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\schannel.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\rdpcore.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\storport.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\certutil.exe
2016-09-20 15:11:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-20 15:11:32 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-09-20 15:11:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\stornvme.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\mup.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\hidusb.sys
2016-09-20 15:11:30 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-09-20 15:11:30 ----A---- C:\Windows\system32\gpresult.exe
2016-09-20 15:11:30 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-09-20 15:11:29 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-09-20 15:11:29 ----A---- C:\Windows\system32\LocationApi.dll
2016-09-20 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2016-09-20 15:11:28 ----A---- C:\Windows\system32\cryptxml.dll
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\WebClnt.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\msiexec.exe
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-09-20 15:11:25 ----A---- C:\Windows\system32\wfapigp.dll
2016-09-20 15:11:25 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\hbaapi.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\fveapi.dll
2016-09-20 15:11:22 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-09-20 15:11:22 ----A---- C:\Windows\system32\bdesvc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxp.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxm.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\fvecpl.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-09-20 15:11:21 ----A---- C:\Windows\system32\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\adhsvc.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-09-20 14:44:46 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-09-20 14:44:46 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmfd.dll
2016-09-20 14:40:52 ----A---- C:\Windows\system32\poqexec.exe
2016-09-20 14:40:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-09-20 14:40:40 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-09-20 14:40:40 ----A---- C:\Windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-10-09 19:24:27 ----D---- C:\Windows\system32\sru
2016-10-09 17:21:31 ----SHD---- C:\Windows\Installer
2016-10-09 17:21:31 ----D---- C:\Windows\Temp
2016-10-09 17:21:30 ----RD---- C:\Program Files (x86)
2016-10-09 17:21:30 ----RD---- C:\Program Files
2016-10-09 17:21:29 ----RD---- C:\Windows\System32
2016-10-09 17:21:29 ----D---- C:\Windows\SysWOW64
2016-10-09 17:21:29 ----D---- C:\Windows\Prefetch
2016-10-09 17:20:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-09 17:20:30 ----D---- C:\Windows\Inf
2016-10-09 17:20:27 ----SHD---- C:\System Volume Information
2016-10-09 17:13:42 ----D---- C:\ProgramData\McAfee
2016-10-09 17:13:42 ----D---- C:\Program Files\Common Files
2016-10-09 17:13:40 ----D---- C:\Program Files (x86)\McAfee
2016-10-09 17:12:44 ----HD---- C:\ProgramData
2016-10-09 17:09:26 ----D---- C:\Windows\system32\drivers
2016-10-09 17:09:18 ----HD---- C:\Windows\ELAMBKUP
2016-10-09 17:08:36 ----D---- C:\Windows\system32\Tasks
2016-10-09 17:07:49 ----RSD---- C:\Windows\assembly
2016-10-09 17:04:47 ----D---- C:\Program Files (x86)\Opera
2016-10-09 16:51:54 ----D---- C:\Windows\Microsoft.NET
2016-10-08 10:31:12 ----D---- C:\Windows\system32\config
2016-10-08 09:54:35 ----D---- C:\Windows\CbsTemp
2016-10-08 09:54:34 ----D---- C:\Windows\WinSxS
2016-10-08 09:53:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-08 09:53:22 ----D---- C:\Windows\system32\cs-CZ
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnsvr.exe
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhupnp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhpast.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnet.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnathlp.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2016-10-08 09:03:03 ----SD---- C:\Users\Vendulka\AppData\Roaming\Microsoft
2016-10-08 09:03:02 ----D---- C:\Windows\Tasks
2016-10-08 09:01:36 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-09-20 18:06:24 ----HD---- C:\Program Files\WindowsApps
2016-09-20 18:06:24 ----D---- C:\Windows\AppReadiness
2016-09-20 17:34:32 ----D---- C:\Windows\system32\catroot2
2016-09-20 15:51:52 ----D---- C:\Program Files\Windows Journal
2016-09-20 15:51:51 ----RD---- C:\Windows\ToastData
2016-09-20 15:51:51 ----D---- C:\Windows\system32\CodeIntegrity
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\wbem
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\migration
2016-09-20 15:51:35 ----D---- C:\Windows\system32\wbem
2016-09-20 15:51:35 ----D---- C:\Windows\system32\migration
2016-09-20 15:51:32 ----D---- C:\Windows\apppatch
2016-09-20 15:51:28 ----D---- C:\Windows\system32\DriverStore
2016-09-20 15:50:29 ----D---- C:\Windows\system32\MRT
2016-09-20 15:44:12 ----AC---- C:\Windows\system32\MRT.exe
2016-09-20 15:36:55 ----D---- C:\Windows\system32\Macromed
2016-09-20 15:36:51 ----D---- C:\Windows\SYSWOW64\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-12-15 71680]
R3 bcbtums;@oem17.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem14.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-08-31 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 clwvd;@oem23.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_acpi;dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [2015-04-02 45648]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-04-02 41552]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-04-02 243792]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2015-03-31 4515768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-03-31 460048]
R3 iusb3adp;@oem9.inf,%iusb3adp.SvcDesc%;Adaptivní ovladač hostitelského řadiče Intel(R) USB 3.0; C:\Windows\System32\drivers\iusb3adp.sys [2015-03-27 23824]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem19.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 TXEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-11-24 114976]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-12-15 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem18.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem18.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 intaud_WaveExtensible;@oem12.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 RSUSBSTOR;@oem16.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;@oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-04-02 1332184]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-03-31 342728]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-02-18 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2014-12-10 172320]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2016-09-20 592392]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
S2 BcmBtRSupport;@oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-20 270016]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-03-31 277704]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2014-10-03 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-11-21 38792]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendulka at 2016-10-09 19:24:53
Microsoft Windows 8.1
System drive C: has 886 GB (95%) free of 931 GB
Total RAM: 8113 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:24:57, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vendulka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9002 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 1033203053984
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\esif_uf.exe
dashost.exe {0309c0d2-3813-4d7f-ad8542f52e0f6558}
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fe15e042-0aef-4f4a-9956-70f891f41168 -SystemEventPortName:HostProcess-c0953cf4-426c-44cb-8a69-eb2c30a49e03 -IoCancelEventPortName:HostProcess-8dcb18f2-96fd-4fe2-be61-8ea36ea6b42e -NonStateChangingEventPortName:HostProcess-4eac78ae-4011-465b-8ff5-b5c5d6faf4ca -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c761d034-7476-48e1-a2c9-b95ad002a4b1 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Vendulka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x13c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2692.0.1723843420\1973842365" --mojo-application-channel-token=691A2A03053783F11AF7785192915F01 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/
normal/*UMA-Uniformity-Trial-1-Percent/group_15/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x22b1 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4175 --gpu-driver-date=3-19-2015 --mojo-platform-channel-handle=1104 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Defender\MSASCui.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_15/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uni
formity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=AC25BDD1C733D5263DD64A781EBB70E2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=654DB755A06E49791233A95C84A26E15 --mojo-application-channel-token=AC25BDD1C733D5263DD64A781EBB70E2 --channel="2692.6.1350241935\10383242" --mojo-platform-channel-handle=2884 /prefetch:1
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-de5d8675-fa36-4540-8883-bd9d3ec0afd2 -SystemEventPortName:HostProcess-aedc4f0f-c1df-4f66-a231-138caaa46943 -IoCancelEventPortName:HostProcess-b8d8e130-f96f-437b-b1aa-2abff9541749 -NonStateChangingEventPortName:HostProcess-78c15ad1-0ec0-48e9-a33d-e1a79f0a9be4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:edf29b98-bb97-4060-910f-1295d8a409f8 -DeviceGroupId:WudfDefaultDevicePool
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
taskhost.exe $(Arg0)
"C:\Users\Vendulka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVendulka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVendulka (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"isa"=C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 17:21:25 ----SHD---- C:\Config.Msi
2016-10-09 17:11:01 ----D---- C:\Users\Vendulka\AppData\Roaming\IrfanView
2016-10-09 17:10:56 ----D---- C:\Program Files\IrfanView
2016-10-09 16:57:10 ----D---- C:\AdwCleaner
2016-10-09 16:55:20 ----D---- C:\Program Files\trend micro
2016-10-09 16:55:19 ----D---- C:\rsit
2016-10-08 10:03:03 ----D---- C:\Users\Vendulka\AppData\Roaming\MysteryTag
2016-10-08 10:00:52 ----D---- C:\Spidla
2016-09-20 15:37:12 ----D---- C:\Program Files (x86)\Google
2016-09-20 15:11:59 ----A---- C:\Windows\system32\sppsvc.exe
2016-09-20 15:11:56 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-09-20 15:11:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-09-20 15:11:52 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-20 15:11:52 ----A---- C:\Windows\system32\consent.exe
2016-09-20 15:11:51 ----A---- C:\Windows\system32\msi.dll
2016-09-20 15:11:51 ----A---- C:\Windows\system32\appinfo.dll
2016-09-20 15:11:49 ----A---- C:\Windows\system32\shell32.dll
2016-09-20 15:11:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-09-20 15:11:46 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-20 15:11:46 ----A---- C:\Windows\system32\authui.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\sppobjs.dll
2016-09-20 15:11:44 ----A---- C:\Windows\system32\glcndFilter.dll
2016-09-20 15:11:43 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\twinui.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-20 15:11:43 ----A---- C:\Windows\system32\drivers\cng.sys
2016-09-20 15:11:43 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-09-20 15:11:42 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-20 15:11:41 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\crypt32.dll
2016-09-20 15:11:40 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-20 15:11:40 ----A---- C:\Windows\system32\certcli.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-20 15:11:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-09-20 15:11:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-09-20 15:11:39 ----A---- C:\Windows\system32\CertEnroll.dll
2016-09-20 15:11:38 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\winhttp.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\sppwinob.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\rdpcorets.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\rpcss.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\ole32.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\kerberos.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-09-20 15:11:35 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\wuapi.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\webio.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\wucltux.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\tpmvsc.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\netlogon.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\MPSSVC.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\schannel.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\rdpcore.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\storport.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\certutil.exe
2016-09-20 15:11:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-20 15:11:32 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-09-20 15:11:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\stornvme.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\mup.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\hidusb.sys
2016-09-20 15:11:30 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-09-20 15:11:30 ----A---- C:\Windows\system32\gpresult.exe
2016-09-20 15:11:30 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-09-20 15:11:29 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-09-20 15:11:29 ----A---- C:\Windows\system32\LocationApi.dll
2016-09-20 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2016-09-20 15:11:28 ----A---- C:\Windows\system32\cryptxml.dll
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\WebClnt.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\msiexec.exe
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-09-20 15:11:25 ----A---- C:\Windows\system32\wfapigp.dll
2016-09-20 15:11:25 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\hbaapi.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\fveapi.dll
2016-09-20 15:11:22 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-09-20 15:11:22 ----A---- C:\Windows\system32\bdesvc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxp.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxm.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\fvecpl.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-09-20 15:11:21 ----A---- C:\Windows\system32\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\adhsvc.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-09-20 14:44:46 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-09-20 14:44:46 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmfd.dll
2016-09-20 14:40:52 ----A---- C:\Windows\system32\poqexec.exe
2016-09-20 14:40:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-09-20 14:40:40 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-09-20 14:40:40 ----A---- C:\Windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-10-09 19:24:27 ----D---- C:\Windows\system32\sru
2016-10-09 17:21:31 ----SHD---- C:\Windows\Installer
2016-10-09 17:21:31 ----D---- C:\Windows\Temp
2016-10-09 17:21:30 ----RD---- C:\Program Files (x86)
2016-10-09 17:21:30 ----RD---- C:\Program Files
2016-10-09 17:21:29 ----RD---- C:\Windows\System32
2016-10-09 17:21:29 ----D---- C:\Windows\SysWOW64
2016-10-09 17:21:29 ----D---- C:\Windows\Prefetch
2016-10-09 17:20:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-09 17:20:30 ----D---- C:\Windows\Inf
2016-10-09 17:20:27 ----SHD---- C:\System Volume Information
2016-10-09 17:13:42 ----D---- C:\ProgramData\McAfee
2016-10-09 17:13:42 ----D---- C:\Program Files\Common Files
2016-10-09 17:13:40 ----D---- C:\Program Files (x86)\McAfee
2016-10-09 17:12:44 ----HD---- C:\ProgramData
2016-10-09 17:09:26 ----D---- C:\Windows\system32\drivers
2016-10-09 17:09:18 ----HD---- C:\Windows\ELAMBKUP
2016-10-09 17:08:36 ----D---- C:\Windows\system32\Tasks
2016-10-09 17:07:49 ----RSD---- C:\Windows\assembly
2016-10-09 17:04:47 ----D---- C:\Program Files (x86)\Opera
2016-10-09 16:51:54 ----D---- C:\Windows\Microsoft.NET
2016-10-08 10:31:12 ----D---- C:\Windows\system32\config
2016-10-08 09:54:35 ----D---- C:\Windows\CbsTemp
2016-10-08 09:54:34 ----D---- C:\Windows\WinSxS
2016-10-08 09:53:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-08 09:53:22 ----D---- C:\Windows\system32\cs-CZ
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnsvr.exe
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhupnp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhpast.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnet.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnathlp.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2016-10-08 09:03:03 ----SD---- C:\Users\Vendulka\AppData\Roaming\Microsoft
2016-10-08 09:03:02 ----D---- C:\Windows\Tasks
2016-10-08 09:01:36 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-09-20 18:06:24 ----HD---- C:\Program Files\WindowsApps
2016-09-20 18:06:24 ----D---- C:\Windows\AppReadiness
2016-09-20 17:34:32 ----D---- C:\Windows\system32\catroot2
2016-09-20 15:51:52 ----D---- C:\Program Files\Windows Journal
2016-09-20 15:51:51 ----RD---- C:\Windows\ToastData
2016-09-20 15:51:51 ----D---- C:\Windows\system32\CodeIntegrity
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\wbem
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\migration
2016-09-20 15:51:35 ----D---- C:\Windows\system32\wbem
2016-09-20 15:51:35 ----D---- C:\Windows\system32\migration
2016-09-20 15:51:32 ----D---- C:\Windows\apppatch
2016-09-20 15:51:28 ----D---- C:\Windows\system32\DriverStore
2016-09-20 15:50:29 ----D---- C:\Windows\system32\MRT
2016-09-20 15:44:12 ----AC---- C:\Windows\system32\MRT.exe
2016-09-20 15:36:55 ----D---- C:\Windows\system32\Macromed
2016-09-20 15:36:51 ----D---- C:\Windows\SYSWOW64\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-12-15 71680]
R3 bcbtums;@oem17.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem14.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-08-31 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 clwvd;@oem23.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_acpi;dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [2015-04-02 45648]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-04-02 41552]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-04-02 243792]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2015-03-31 4515768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-03-31 460048]
R3 iusb3adp;@oem9.inf,%iusb3adp.SvcDesc%;Adaptivní ovladač hostitelského řadiče Intel(R) USB 3.0; C:\Windows\System32\drivers\iusb3adp.sys [2015-03-27 23824]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem19.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 TXEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-11-24 114976]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-12-15 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem18.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem18.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 intaud_WaveExtensible;@oem12.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 RSUSBSTOR;@oem16.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;@oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-04-02 1332184]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-03-31 342728]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-02-18 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2014-12-10 172320]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2016-09-20 592392]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
S2 BcmBtRSupport;@oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-20 270016]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-03-31 277704]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2014-10-03 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-11-21 38792]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow PC
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow PC
Quite a few WIN updates were installing, so it took a while.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendulka at 2016-10-09 20:21:36
Microsoft Windows 8.1
System drive C: has 886 GB (95%) free of 931 GB
Total RAM: 8113 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:21:52, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vendulka.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8703 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 351367202656
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {25277d1d-afb8-4990-8e75dceb5e225966}
C:\Windows\SysWOW64\esif_uf.exe
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6eaa1689-8318-4bd1-ae57-150800a296c8 -SystemEventPortName:HostProcess-a8cb9c05-e7f6-4844-84e1-d08a1f90f3be -IoCancelEventPortName:HostProcess-54d335da-f3a4-4f9f-b37b-ab7aa9fb9a96 -NonStateChangingEventPortName:HostProcess-b0effcd6-e046-4623-8462-98e8b7f7dd50 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:654ef200-1505-4b52-9c7c-bc2abf571a74 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
taskeng.exe {F6DB2E26-C828-48E4-9094-3DFD9DEF241F}
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3614204832-193348622-607057630-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3614204832-193348622-607057630-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Users\Vendulka\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Vendulka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x13c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3620.0.656792749\2014188709" --mojo-application-channel-token=FACDEF5C235617D35E45632C0ECE1087 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-P
ercent/group_15/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x22b1 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4175 --gpu-driver-date=3-19-2015 --mojo-platform-channel-handle=1116 --ignored=" --type=renderer " /prefetch:2
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForVendulka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVendulka (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"isa"=C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 20:20:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-09 19:53:04 ----D---- C:\_OTM
2016-10-09 17:21:25 ----SHD---- C:\Config.Msi
2016-10-09 17:11:01 ----D---- C:\Users\Vendulka\AppData\Roaming\IrfanView
2016-10-09 17:10:56 ----D---- C:\Program Files\IrfanView
2016-10-09 16:57:10 ----D---- C:\AdwCleaner
2016-10-09 16:55:20 ----D---- C:\Program Files\trend micro
2016-10-09 16:55:19 ----D---- C:\rsit
2016-10-08 10:03:03 ----D---- C:\Users\Vendulka\AppData\Roaming\MysteryTag
2016-10-08 10:00:52 ----D---- C:\Spidla
2016-09-20 17:35:43 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-20 17:35:42 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-09-20 17:35:42 ----A---- C:\Windows\system32\vpnike.dll
2016-09-20 17:35:42 ----A---- C:\Windows\system32\esent.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\rdpcorets.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\rasapi32.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\ole32.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\mprdim.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\mprddm.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-20 17:35:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-20 17:35:41 ----A---- C:\Windows\system32\drivers\agilevpn.sys
2016-09-20 17:35:41 ----A---- C:\Windows\system32\dnsapi.dll
2016-09-20 17:35:40 ----A---- C:\Windows\SYSWOW64\dssenh.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\rasppp.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\rasmans.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\dssenh.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-09-20 17:35:39 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2016-09-20 17:35:39 ----A---- C:\Windows\SYSWOW64\rasman.dll
2016-09-20 17:35:39 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\rdpudd.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\rdpclip.exe
2016-09-20 17:35:39 ----A---- C:\Windows\system32\rasman.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\rascustom.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\nshwfp.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\iprtrmgr.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-09-20 17:35:39 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-09-20 17:35:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-20 17:35:35 ----A---- C:\Windows\system32\winresume.exe
2016-09-20 17:35:35 ----A---- C:\Windows\system32\winload.exe
2016-09-20 17:35:35 ----A---- C:\Windows\system32\ntdll.dll
2016-09-20 17:35:35 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-20 17:35:33 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-20 17:35:33 ----A---- C:\Windows\system32\win32k.sys
2016-09-20 17:35:33 ----A---- C:\Windows\system32\user32.dll
2016-09-20 17:35:18 ----A---- C:\Windows\system32\TpmTasks.dll
2016-09-20 17:34:53 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-20 17:34:53 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-20 17:34:53 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-09-20 17:34:53 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-20 17:34:53 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-20 17:34:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-20 17:34:53 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-20 17:34:53 ----A---- C:\Windows\system32\drivers\cng.sys
2016-09-20 17:34:53 ----A---- C:\Windows\system32\certcli.dll
2016-09-20 17:34:53 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-09-20 17:34:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-20 17:34:52 ----A---- C:\Windows\system32\sspicli.dll
2016-09-20 17:34:52 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-20 17:34:52 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-20 17:34:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-20 17:34:50 ----A---- C:\Windows\system32\wwanconn.dll
2016-09-20 17:34:50 ----A---- C:\Windows\system32\pnidui.dll
2016-09-20 17:34:49 ----A---- C:\Windows\system32\wwanmm.dll
2016-09-20 15:37:12 ----D---- C:\Program Files (x86)\Google
2016-09-20 15:11:59 ----A---- C:\Windows\system32\sppsvc.exe
2016-09-20 15:11:56 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-09-20 15:11:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-09-20 15:11:52 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-20 15:11:52 ----A---- C:\Windows\system32\consent.exe
2016-09-20 15:11:51 ----A---- C:\Windows\system32\msi.dll
2016-09-20 15:11:51 ----A---- C:\Windows\system32\appinfo.dll
2016-09-20 15:11:49 ----A---- C:\Windows\system32\shell32.dll
2016-09-20 15:11:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-09-20 15:11:46 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-20 15:11:46 ----A---- C:\Windows\system32\authui.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\sppobjs.dll
2016-09-20 15:11:44 ----A---- C:\Windows\system32\glcndFilter.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\twinui.dll
2016-09-20 15:11:41 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\crypt32.dll
2016-09-20 15:11:40 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-20 15:11:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-09-20 15:11:39 ----A---- C:\Windows\system32\CertEnroll.dll
2016-09-20 15:11:38 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\winhttp.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\sppwinob.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\rpcss.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\kerberos.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-09-20 15:11:35 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\wuapi.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\webio.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\wucltux.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\tpmvsc.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\netlogon.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\MPSSVC.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\schannel.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\rdpcore.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\storport.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\certutil.exe
2016-09-20 15:11:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-20 15:11:32 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\stornvme.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\mup.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\hidusb.sys
2016-09-20 15:11:30 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-09-20 15:11:30 ----A---- C:\Windows\system32\gpresult.exe
2016-09-20 15:11:30 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-09-20 15:11:29 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-09-20 15:11:29 ----A---- C:\Windows\system32\LocationApi.dll
2016-09-20 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2016-09-20 15:11:28 ----A---- C:\Windows\system32\cryptxml.dll
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\WebClnt.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\msiexec.exe
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-09-20 15:11:25 ----A---- C:\Windows\system32\wfapigp.dll
2016-09-20 15:11:25 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\hbaapi.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\fveapi.dll
2016-09-20 15:11:22 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-09-20 15:11:22 ----A---- C:\Windows\system32\bdesvc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxp.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxm.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\fvecpl.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-09-20 15:11:21 ----A---- C:\Windows\system32\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\adhsvc.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-09-20 14:44:46 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-09-20 14:44:46 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmfd.dll
2016-09-20 14:40:52 ----A---- C:\Windows\system32\poqexec.exe
2016-09-20 14:40:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-09-20 14:40:40 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-09-20 14:40:40 ----A---- C:\Windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-10-09 20:20:32 ----D---- C:\Windows\Temp
2016-10-09 20:20:28 ----D---- C:\Windows\system32\config
2016-10-09 20:20:23 ----D---- C:\Windows\WinSxS
2016-10-09 20:20:19 ----D---- C:\Windows\SysWOW64
2016-10-09 20:15:18 ----RD---- C:\Windows\System32
2016-10-09 20:15:18 ----D---- C:\Windows\SYSWOW64\setup
2016-10-09 20:15:18 ----D---- C:\Windows\system32\setup
2016-10-09 20:15:18 ----D---- C:\Windows\system32\drivers
2016-10-09 20:15:17 ----D---- C:\Windows\Inf
2016-10-09 20:15:12 ----D---- C:\Windows\system32\SecureBootUpdates
2016-10-09 20:15:08 ----D---- C:\Windows\system32\wbem
2016-10-09 20:00:00 ----D---- C:\Windows\system32\sru
2016-10-09 19:56:20 ----D---- C:\Windows\system32\MRT
2016-10-09 19:56:15 ----AC---- C:\Windows\system32\MRT.exe
2016-10-09 19:56:07 ----D---- C:\Windows\Prefetch
2016-10-09 19:54:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-09 19:54:57 ----D---- C:\Windows\system32\cs-CZ
2016-10-09 19:54:47 ----RD---- C:\Program Files
2016-10-09 19:54:47 ----D---- C:\Windows
2016-10-09 19:54:36 ----D---- C:\Windows\CbsTemp
2016-10-09 19:53:44 ----HD---- C:\ProgramData
2016-10-09 19:53:43 ----D---- C:\Windows\system32\Tasks
2016-10-09 19:53:05 ----D---- C:\Windows\Tasks
2016-10-09 17:21:31 ----SHD---- C:\Windows\Installer
2016-10-09 17:21:30 ----RD---- C:\Program Files (x86)
2016-10-09 17:20:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-09 17:20:27 ----SHD---- C:\System Volume Information
2016-10-09 17:13:42 ----D---- C:\ProgramData\McAfee
2016-10-09 17:13:42 ----D---- C:\Program Files\Common Files
2016-10-09 17:13:40 ----D---- C:\Program Files (x86)\McAfee
2016-10-09 17:09:18 ----HD---- C:\Windows\ELAMBKUP
2016-10-09 17:07:49 ----RSD---- C:\Windows\assembly
2016-10-09 17:04:47 ----D---- C:\Program Files (x86)\Opera
2016-10-09 16:51:54 ----D---- C:\Windows\Microsoft.NET
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnsvr.exe
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhupnp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhpast.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnet.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnathlp.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2016-10-08 09:03:03 ----SD---- C:\Users\Vendulka\AppData\Roaming\Microsoft
2016-10-08 09:01:36 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-09-20 18:06:24 ----HD---- C:\Program Files\WindowsApps
2016-09-20 18:06:24 ----D---- C:\Windows\AppReadiness
2016-09-20 17:34:32 ----D---- C:\Windows\system32\catroot2
2016-09-20 15:51:51 ----RD---- C:\Windows\ToastData
2016-09-20 15:51:51 ----D---- C:\Windows\system32\CodeIntegrity
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\wbem
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\migration
2016-09-20 15:51:35 ----D---- C:\Windows\system32\migration
2016-09-20 15:51:32 ----D---- C:\Windows\apppatch
2016-09-20 15:51:28 ----D---- C:\Windows\system32\DriverStore
2016-09-20 15:36:55 ----D---- C:\Windows\system32\Macromed
2016-09-20 15:36:51 ----D---- C:\Windows\SYSWOW64\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-12-15 71680]
R3 bcbtums;@oem17.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem14.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-08-31 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 clwvd;@oem23.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_acpi;dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [2015-04-02 45648]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-04-02 41552]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-04-02 243792]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2015-03-31 4515768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-03-31 460048]
R3 iusb3adp;@oem9.inf,%iusb3adp.SvcDesc%;Adaptivní ovladač hostitelského řadiče Intel(R) USB 3.0; C:\Windows\System32\drivers\iusb3adp.sys [2015-03-27 23824]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem19.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 TXEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-11-24 114976]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-12-15 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem18.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem18.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 intaud_WaveExtensible;@oem12.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 RSUSBSTOR;@oem16.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;@oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-04-02 1332184]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-03-31 342728]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-02-18 7680]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
S2 BcmBtRSupport;@oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2014-12-10 172320]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-20 270016]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-03-31 277704]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2014-10-03 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-11-21 38792]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendulka at 2016-10-09 20:21:36
Microsoft Windows 8.1
System drive C: has 886 GB (95%) free of 931 GB
Total RAM: 8113 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:21:52, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vendulka.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8703 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 351367202656
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {25277d1d-afb8-4990-8e75dceb5e225966}
C:\Windows\SysWOW64\esif_uf.exe
"c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6eaa1689-8318-4bd1-ae57-150800a296c8 -SystemEventPortName:HostProcess-a8cb9c05-e7f6-4844-84e1-d08a1f90f3be -IoCancelEventPortName:HostProcess-54d335da-f3a4-4f9f-b37b-ab7aa9fb9a96 -NonStateChangingEventPortName:HostProcess-b0effcd6-e046-4623-8462-98e8b7f7dd50 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:654ef200-1505-4b52-9c7c-bc2abf571a74 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\Explorer.EXE
taskeng.exe {F6DB2E26-C828-48E4-9094-3DFD9DEF241F}
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3614204832-193348622-607057630-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3614204832-193348622-607057630-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Users\Vendulka\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Vendulka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x13c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3620.0.656792749\2014188709" --mojo-application-channel-token=FACDEF5C235617D35E45632C0ECE1087 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_15/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x22b1 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4175 --gpu-driver-date=3-19-2015 --mojo-platform-channel-handle=1116 --ignored=" --type=renderer " /prefetch:2
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForVendulka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVendulka (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-03-05 8458968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-03-03 2871464]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2015-02-17 654088]
"isa"=C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 20:20:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-09 19:53:04 ----D---- C:\_OTM
2016-10-09 17:21:25 ----SHD---- C:\Config.Msi
2016-10-09 17:11:01 ----D---- C:\Users\Vendulka\AppData\Roaming\IrfanView
2016-10-09 17:10:56 ----D---- C:\Program Files\IrfanView
2016-10-09 16:57:10 ----D---- C:\AdwCleaner
2016-10-09 16:55:20 ----D---- C:\Program Files\trend micro
2016-10-09 16:55:19 ----D---- C:\rsit
2016-10-08 10:03:03 ----D---- C:\Users\Vendulka\AppData\Roaming\MysteryTag
2016-10-08 10:00:52 ----D---- C:\Spidla
2016-09-20 17:35:43 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-20 17:35:42 ----A---- C:\Windows\SYSWOW64\esent.dll
2016-09-20 17:35:42 ----A---- C:\Windows\system32\vpnike.dll
2016-09-20 17:35:42 ----A---- C:\Windows\system32\esent.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2016-09-20 17:35:41 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\rdpcorets.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\rasapi32.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\ole32.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\mprdim.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\mprddm.dll
2016-09-20 17:35:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-20 17:35:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-20 17:35:41 ----A---- C:\Windows\system32\drivers\agilevpn.sys
2016-09-20 17:35:41 ----A---- C:\Windows\system32\dnsapi.dll
2016-09-20 17:35:40 ----A---- C:\Windows\SYSWOW64\dssenh.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\rasppp.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\rasmans.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\dssenh.dll
2016-09-20 17:35:40 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-09-20 17:35:39 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2016-09-20 17:35:39 ----A---- C:\Windows\SYSWOW64\rasman.dll
2016-09-20 17:35:39 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\rdpudd.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\rdpclip.exe
2016-09-20 17:35:39 ----A---- C:\Windows\system32\rasman.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\rascustom.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\nshwfp.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\iprtrmgr.dll
2016-09-20 17:35:39 ----A---- C:\Windows\system32\IKEEXT.DLL
2016-09-20 17:35:39 ----A---- C:\Windows\system32\dnsrslvr.dll
2016-09-20 17:35:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-20 17:35:35 ----A---- C:\Windows\system32\winresume.exe
2016-09-20 17:35:35 ----A---- C:\Windows\system32\winload.exe
2016-09-20 17:35:35 ----A---- C:\Windows\system32\ntdll.dll
2016-09-20 17:35:35 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-20 17:35:33 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-20 17:35:33 ----A---- C:\Windows\system32\win32k.sys
2016-09-20 17:35:33 ----A---- C:\Windows\system32\user32.dll
2016-09-20 17:35:18 ----A---- C:\Windows\system32\TpmTasks.dll
2016-09-20 17:34:53 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-20 17:34:53 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-20 17:34:53 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-09-20 17:34:53 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-20 17:34:53 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-20 17:34:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-20 17:34:53 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-20 17:34:53 ----A---- C:\Windows\system32\drivers\cng.sys
2016-09-20 17:34:53 ----A---- C:\Windows\system32\certcli.dll
2016-09-20 17:34:53 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-09-20 17:34:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-20 17:34:52 ----A---- C:\Windows\system32\sspicli.dll
2016-09-20 17:34:52 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-20 17:34:52 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-20 17:34:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-20 17:34:50 ----A---- C:\Windows\system32\wwanconn.dll
2016-09-20 17:34:50 ----A---- C:\Windows\system32\pnidui.dll
2016-09-20 17:34:49 ----A---- C:\Windows\system32\wwanmm.dll
2016-09-20 15:37:12 ----D---- C:\Program Files (x86)\Google
2016-09-20 15:11:59 ----A---- C:\Windows\system32\sppsvc.exe
2016-09-20 15:11:56 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-09-20 15:11:54 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-09-20 15:11:52 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-09-20 15:11:52 ----A---- C:\Windows\system32\consent.exe
2016-09-20 15:11:51 ----A---- C:\Windows\system32\msi.dll
2016-09-20 15:11:51 ----A---- C:\Windows\system32\appinfo.dll
2016-09-20 15:11:49 ----A---- C:\Windows\system32\shell32.dll
2016-09-20 15:11:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-09-20 15:11:46 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-09-20 15:11:46 ----A---- C:\Windows\system32\authui.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-20 15:11:45 ----A---- C:\Windows\system32\sppobjs.dll
2016-09-20 15:11:44 ----A---- C:\Windows\system32\glcndFilter.dll
2016-09-20 15:11:43 ----A---- C:\Windows\system32\twinui.dll
2016-09-20 15:11:41 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-20 15:11:41 ----A---- C:\Windows\system32\crypt32.dll
2016-09-20 15:11:40 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-20 15:11:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-09-20 15:11:39 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-09-20 15:11:39 ----A---- C:\Windows\system32\CertEnroll.dll
2016-09-20 15:11:38 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\winhttp.dll
2016-09-20 15:11:37 ----A---- C:\Windows\system32\sppwinob.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-09-20 15:11:36 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\rpcss.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\kerberos.dll
2016-09-20 15:11:36 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2016-09-20 15:11:35 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\wuapi.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\webio.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\iphlpsvc.dll
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\rdbss.sys
2016-09-20 15:11:35 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-20 15:11:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\wucltux.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\tpmvsc.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\netlogon.dll
2016-09-20 15:11:34 ----A---- C:\Windows\system32\MPSSVC.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2016-09-20 15:11:33 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\schannel.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\rdpcore.dll
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\storport.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-09-20 15:11:33 ----A---- C:\Windows\system32\certutil.exe
2016-09-20 15:11:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-09-20 15:11:32 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-20 15:11:31 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\stornvme.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\mup.sys
2016-09-20 15:11:31 ----A---- C:\Windows\system32\drivers\hidusb.sys
2016-09-20 15:11:30 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-09-20 15:11:30 ----A---- C:\Windows\system32\gpresult.exe
2016-09-20 15:11:30 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-09-20 15:11:29 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2016-09-20 15:11:29 ----A---- C:\Windows\system32\LocationApi.dll
2016-09-20 15:11:28 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2016-09-20 15:11:28 ----A---- C:\Windows\system32\cryptxml.dll
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-09-20 15:11:27 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\WebClnt.dll
2016-09-20 15:11:27 ----A---- C:\Windows\system32\UserAccountBroker.exe
2016-09-20 15:11:27 ----A---- C:\Windows\system32\msiexec.exe
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-09-20 15:11:26 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\FirewallAPI.dll
2016-09-20 15:11:26 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2016-09-20 15:11:25 ----A---- C:\Windows\system32\wfapigp.dll
2016-09-20 15:11:25 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\hbaapi.dll
2016-09-20 15:11:24 ----A---- C:\Windows\system32\fveapi.dll
2016-09-20 15:11:22 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2016-09-20 15:11:22 ----A---- C:\Windows\system32\bdesvc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2016-09-20 15:11:21 ----A---- C:\Windows\SYSWOW64\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wudriver.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\wuapp.exe
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxp.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\httpprxm.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\fvecpl.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\drivers\hidparse.sys
2016-09-20 15:11:21 ----A---- C:\Windows\system32\certenc.dll
2016-09-20 15:11:21 ----A---- C:\Windows\system32\adhsvc.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\ws2_32.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\mswsock.dll
2016-09-20 14:54:24 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-09-20 14:44:46 ----A---- C:\Windows\SYSWOW64\msvcr120_clr0400.dll
2016-09-20 14:44:46 ----A---- C:\Windows\system32\msvcr120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\SYSWOW64\msvcp120_clr0400.dll
2016-09-20 14:44:45 ----A---- C:\Windows\system32\msvcp120_clr0400.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmlib.dll
2016-09-20 14:44:34 ----A---- C:\Windows\system32\atmfd.dll
2016-09-20 14:40:52 ----A---- C:\Windows\system32\poqexec.exe
2016-09-20 14:40:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-09-20 14:40:40 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-09-20 14:40:40 ----A---- C:\Windows\system32\gdi32.dll
======List of files/folders modified in the last 1 month======
2016-10-09 20:20:32 ----D---- C:\Windows\Temp
2016-10-09 20:20:28 ----D---- C:\Windows\system32\config
2016-10-09 20:20:23 ----D---- C:\Windows\WinSxS
2016-10-09 20:20:19 ----D---- C:\Windows\SysWOW64
2016-10-09 20:15:18 ----RD---- C:\Windows\System32
2016-10-09 20:15:18 ----D---- C:\Windows\SYSWOW64\setup
2016-10-09 20:15:18 ----D---- C:\Windows\system32\setup
2016-10-09 20:15:18 ----D---- C:\Windows\system32\drivers
2016-10-09 20:15:17 ----D---- C:\Windows\Inf
2016-10-09 20:15:12 ----D---- C:\Windows\system32\SecureBootUpdates
2016-10-09 20:15:08 ----D---- C:\Windows\system32\wbem
2016-10-09 20:00:00 ----D---- C:\Windows\system32\sru
2016-10-09 19:56:20 ----D---- C:\Windows\system32\MRT
2016-10-09 19:56:15 ----AC---- C:\Windows\system32\MRT.exe
2016-10-09 19:56:07 ----D---- C:\Windows\Prefetch
2016-10-09 19:54:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-09 19:54:57 ----D---- C:\Windows\system32\cs-CZ
2016-10-09 19:54:47 ----RD---- C:\Program Files
2016-10-09 19:54:47 ----D---- C:\Windows
2016-10-09 19:54:36 ----D---- C:\Windows\CbsTemp
2016-10-09 19:53:44 ----HD---- C:\ProgramData
2016-10-09 19:53:43 ----D---- C:\Windows\system32\Tasks
2016-10-09 19:53:05 ----D---- C:\Windows\Tasks
2016-10-09 17:21:31 ----SHD---- C:\Windows\Installer
2016-10-09 17:21:30 ----RD---- C:\Program Files (x86)
2016-10-09 17:20:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-09 17:20:27 ----SHD---- C:\System Volume Information
2016-10-09 17:13:42 ----D---- C:\ProgramData\McAfee
2016-10-09 17:13:42 ----D---- C:\Program Files\Common Files
2016-10-09 17:13:40 ----D---- C:\Program Files (x86)\McAfee
2016-10-09 17:09:18 ----HD---- C:\Windows\ELAMBKUP
2016-10-09 17:07:49 ----RSD---- C:\Windows\assembly
2016-10-09 17:04:47 ----D---- C:\Program Files (x86)\Opera
2016-10-09 16:51:54 ----D---- C:\Windows\Microsoft.NET
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-10-08 09:53:20 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnsvr.exe
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhupnp.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnhpast.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnet.dll
2016-10-08 09:53:19 ----A---- C:\Windows\system32\dpnathlp.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2016-10-08 09:53:17 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2016-10-08 09:03:03 ----SD---- C:\Users\Vendulka\AppData\Roaming\Microsoft
2016-10-08 09:01:36 ----D---- C:\Program Files (x86)\Hewlett-Packard
2016-09-20 18:06:24 ----HD---- C:\Program Files\WindowsApps
2016-09-20 18:06:24 ----D---- C:\Windows\AppReadiness
2016-09-20 17:34:32 ----D---- C:\Windows\system32\catroot2
2016-09-20 15:51:51 ----RD---- C:\Windows\ToastData
2016-09-20 15:51:51 ----D---- C:\Windows\system32\CodeIntegrity
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\wbem
2016-09-20 15:51:38 ----D---- C:\Windows\SYSWOW64\migration
2016-09-20 15:51:35 ----D---- C:\Windows\system32\migration
2016-09-20 15:51:32 ----D---- C:\Windows\apppatch
2016-09-20 15:51:28 ----D---- C:\Windows\system32\DriverStore
2016-09-20 15:36:55 ----D---- C:\Windows\system32\Macromed
2016-09-20 15:36:51 ----D---- C:\Windows\SYSWOW64\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-12-15 71680]
R3 bcbtums;@oem17.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-13 170712]
R3 BCM43XX;@oem14.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-08-31 7533784]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 clwvd;@oem23.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 dptf_acpi;dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [2015-04-02 45648]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-04-02 41552]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-04-02 243792]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2015-03-31 4515768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-03-05 4421464]
R3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-03-31 460048]
R3 iusb3adp;@oem9.inf,%iusb3adp.SvcDesc%;Adaptivní ovladač hostitelského řadiče Intel(R) USB 3.0; C:\Windows\System32\drivers\iusb3adp.sys [2015-03-27 23824]
R3 iwdbus;@oem13.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-01-23 876760]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-03 33448]
R3 SynTP;@oem19.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-03-03 587944]
R3 TXEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-11-24 114976]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-12-15 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem18.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-08-08 185600]
S3 BtwSerialBus;@oem18.inf,%Bus.SVCDESC%;Broadcom Serial Bus Driver over UART Bus Enumerator; C:\Windows\System32\drivers\BtwSerialBus.sys [2014-04-23 153304]
S3 intaud_WaveExtensible;@oem12.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 RSUSBSTOR;@oem16.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-12-23 274648]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-03-03 33448]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-11-21 38792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 esifsvc;@oem7.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-04-02 1332184]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-02-17 608520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-03-31 342728]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-02-18 7680]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-01-30 103424]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-03-05 293080]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-03 220840]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-22 43696]
S2 BcmBtRSupport;@oem17.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-13 2251992]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-20 99128]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2014-12-10 172320]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-20 270016]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-03-31 277704]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20 152216]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2014-10-03 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-18 330240]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-11-21 38792]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow PC
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Slow PC
It's definitely better, but the processor in there is probably so poor that even the RAM won't save it. Considering that it's a PC just for the web and office work.
Anyway, I handed it over today, and thanks for the help.
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow PC
You're welcome! Simply viewing photos is possible even on an office PC. Editing them would be worse. You're welcome!
