VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosim kontrolu logu - HDD stale na 100%

https://forum.viry.cz:443/viewtopic.php?t=153403

Stránka 1 z 1

Prosim kontrolu logu - HDD stale na 100%

Napsal: 16 pro 2017 23:26
od tomi8
Dobry den, prosim o kontrolu logu, HDD ide stale na 100%. RAM a Procesor OK.
(WIN10, Intel Pentium CPU P6200, 2,13GHZ, 4GB RAM, Intel HD Graphics).
Dakujem.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Stefi at 2017-12-16 23:22:37
Microsoft Windows 10 Home
System drive C: has 150 GB (33%) free of 458 GB
Total RAM: 3767 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:22:46, on 16. 12. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Cyberlink\Power2Go9\Power2GoExpress9.exe
C:\Users\Stefi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Cyberlink\Power2Go9\CLMLSvc_P2G9.exe
C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe
C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
C:\Program Files\trend micro\Stefi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.sk/?gws_rd=ssl#spf=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - (no file)
F2 - REG:system.ini: UserInit=
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G9] "C:\Program Files (x86)\Cyberlink\Power2Go9\CLMLSvc_P2G9.exe"
O4 - HKLM\..\Run: [Panasonic Device Monitor Wakeup] C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe
O4 - HKLM\..\Run: [Panasonic Device Manager for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
O4 - HKLM\..\Run: [Panasonic PCFAX for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe -1
O4 - HKCU\..\Run: [Power2GoExpress9] "C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe" /Startup
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Stefi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'DefaultAppPool')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'DefaultAppPool')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Panasonic Local Printer Service - Panasonic System Networks Co., Ltd. - C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
O23 - Service: Panasonic Trap Monitor Service - Panasonic - C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14065 bytes

======Listing Processes======









c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
dashost.exe {0d3b5c67-cbfa-4ffe-b1a04f850eed6595}
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\Windows\System32\svchost.exe -k HPZ12
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\Windows\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe

c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer

c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
"c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe" -netmsmqactivator
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\inetsrv\w3wp.exe -ap "DefaultAppPool" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipmdcd66a6d-d896-46d2-900c-eb2bf0d823fc -h "C:\inetpub\temp\apppools\DefaultAppPool\DefaultAppPool.config" -w "" -m 0 -t 20 -ta 0
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\Cyberlink\Power2Go9\Power2GoExpress9.exe" /Startup
C:\WINDOWS\system32\igfxext.exe -Embedding
C:\WINDOWS\system32\igfxsrvc.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Users\Stefi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
AvastUI.exe /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Cyberlink\Power2Go9\CLMLSvc_P2G9.exe"
"C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe"
"C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
c:\windows\system32\svchost.exe -k netsvcs -s seclogon
C:\Windows\System32\InstallAgent.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\CCleaner\CCleaner64.exe"
C:\WINDOWS\system32\msiexec.exe /V
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{BB95B1E2-AB1E-4D23-AD6F-FC8705AC0009}
{15411449-11F7-4CF3-8FCE-A763AA5A78C6}
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:20
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

"C:\Users\Stefi\Downloads\RSITx64.exe"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 692 696 704 8192 700

=========Mozilla firefox=========

ProfilePath - C:\Users\Stefi\AppData\Roaming\Mozilla\Firefox\Profiles\esmni97s.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://search.yahoo.com/yhs/web?hspart ... 1214__yaff"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.126 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\Stefi\AppData\Roaming\Mozilla\Firefox\Profiles\esmni97s.default\extensions\
deskCutv2@gmail.com
toolbar@ask.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-06-30 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-06-30 241352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-06-30 294400]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-06-30 241352]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2012-11-26 168480]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2012-11-26 393760]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2012-11-26 418336]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-18 11779176]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-11-18 253344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress9"=C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe [2014-08-11 2397448]
"OneDrive"=C:\Users\Stefi\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-12-09 1551048]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-12-13 10249048]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-01 1155928]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2012-02-15 688184]
"CLMLServer_For_P2G9"=C:\Program Files (x86)\Cyberlink\Power2Go9\CLMLSvc_P2G9.exe [2014-08-11 110344]
"Panasonic Device Monitor Wakeup"=C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe [2010-01-09 413696]
"Panasonic Device Manager for Multi-Function Station software"=C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe [2011-03-17 139264]
"Panasonic PCFAX for Multi-Function Station software"=C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe [2011-03-08 811008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2012-11-26 390144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-12-16 23:22:38 ----D---- C:\Program Files\trend micro
2017-12-16 23:22:37 ----D---- C:\rsit
2017-12-16 23:05:42 ----D---- C:\ProgramData\SWCUTemp
2017-12-16 22:23:33 ----D---- C:\Program Files\CCleaner
2017-12-15 22:55:20 ----D---- C:\AdwCleaner
2017-12-15 08:45:47 ----A---- C:\WINDOWS\system32\drivers\staport.sys
2017-12-14 22:34:15 ----D---- C:\Program Files (x86)\Free MKV Player
2017-12-14 22:33:16 ----D---- C:\ProgramData\Application Data
2017-12-14 22:33:03 ----D---- C:\Users\Stefi\AppData\Roaming\Lavasoft
2017-12-14 22:32:55 ----D---- C:\Program Files (x86)\Lavasoft
2017-12-12 22:54:46 ----HD---- C:\$WINDOWS.~BT
2017-12-07 08:38:23 ----D---- C:\Program Files\Common Files\Avast Software
2017-12-03 22:21:47 ----D---- C:\MATS
2017-11-18 08:50:23 ----A---- C:\WINDOWS\system32\drivers\aswArPot.sys
2017-11-18 08:49:21 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2017-12-16 23:22:47 ----D---- C:\WINDOWS\Temp
2017-12-16 23:22:38 ----RD---- C:\Program Files
2017-12-16 23:22:30 ----D---- C:\WINDOWS\Prefetch
2017-12-16 23:21:31 ----HD---- C:\ProgramData
2017-12-16 23:21:31 ----AD---- C:\WINDOWS\SysWOW64
2017-12-16 23:21:29 ----D---- C:\Program Files (x86)\Common Files
2017-12-16 23:21:16 ----AD---- C:\Program Files (x86)\AVerMedia
2017-12-16 23:21:12 ----SHD---- C:\WINDOWS\Installer
2017-12-16 23:21:11 ----D---- C:\Config.Msi
2017-12-16 23:18:36 ----D---- C:\WINDOWS\AppReadiness
2017-12-16 23:15:51 ----D---- C:\WINDOWS\system32\DriverStore
2017-12-16 23:15:50 ----D---- C:\WINDOWS\INF
2017-12-16 23:15:02 ----HD---- C:\Program Files\WindowsApps
2017-12-16 23:14:55 ----RD---- C:\Program Files (x86)
2017-12-16 23:13:15 ----SHD---- C:\System Volume Information
2017-12-16 23:11:53 ----AD---- C:\Program Files (x86)\Nokia
2017-12-16 23:11:19 ----D---- C:\Users\Stefi\AppData\Roaming\Nokia
2017-12-16 23:08:35 ----D---- C:\Windows
2017-12-16 23:03:42 ----D---- C:\WINDOWS\system32\sru
2017-12-16 23:03:20 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-12-16 23:03:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-16 23:03:00 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-12-16 22:44:25 ----DC---- C:\WINDOWS\Panther
2017-12-16 22:44:25 ----D---- C:\WINDOWS\ModemLogs
2017-12-16 22:44:24 ----D---- C:\WINDOWS\LiveKernelReports
2017-12-16 22:44:24 ----D---- C:\WINDOWS\debug
2017-12-16 22:35:27 ----D---- C:\WINDOWS\CbsTemp
2017-12-16 22:34:36 ----D---- C:\WINDOWS\system32\drivers
2017-12-16 22:23:38 ----D---- C:\WINDOWS\system32\Tasks
2017-12-16 22:22:09 ----D---- C:\Users\Stefi\AppData\Roaming\Mozilla
2017-12-16 22:21:50 ----A---- C:\WINDOWS\wininit.ini
2017-12-16 22:10:36 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2017-12-16 22:10:15 ----D---- C:\ProgramData\Lavasoft
2017-12-16 22:01:11 ----AD---- C:\Program Files (x86)\K-Lite Codec Pack
2017-12-15 08:44:47 ----D---- C:\WINDOWS\System32
2017-12-15 08:44:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-14 22:33:31 ----RSD---- C:\WINDOWS\assembly
2017-12-14 22:29:10 ----D---- C:\WINDOWS\Tasks
2017-12-14 22:17:30 ----D---- C:\Users\Stefi\AppData\Roaming\vlc
2017-12-14 19:33:45 ----D---- C:\WINDOWS\system32\SleepStudy
2017-12-14 19:29:36 ----D---- C:\WINDOWS\WinSxS
2017-12-14 18:58:50 ----RD---- C:\WINDOWS\Microsoft.NET
2017-12-14 18:44:45 ----D---- C:\WINDOWS\system32\MRT
2017-12-14 08:59:26 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-14 08:59:12 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-12-14 08:58:52 ----D---- C:\ProgramData\Microsoft Help
2017-12-12 22:21:59 ----D---- C:\WINDOWS\Logs
2017-12-12 22:14:58 ----D---- C:\WINDOWS\system32\Macromed
2017-12-12 22:14:55 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-12-12 22:14:54 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2017-12-09 14:32:50 ----D---- C:\WINDOWS\system32\config
2017-12-07 08:38:23 ----D---- C:\Program Files\Common Files
2017-12-03 22:21:47 ----AD---- C:\Program Files (x86)\EgisTec Shredder
2017-11-30 22:03:59 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-11-23 10:01:50 ----D---- C:\WINDOWS\system32\catroot2
2017-11-20 08:55:43 ----D---- C:\WINDOWS\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-11-18 198968]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-11-18 343288]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-11-18 57728]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-11-18 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-11-18 364464]
R0 iaStor;@oem14.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2010-04-13 540696]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2017-11-18 183584]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-11-18 321032]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-11-18 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-11-18 1026232]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-11-18 455376]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2011-07-20 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2011-07-20 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-20 62776]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-11-18 148288]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-11-18 203976]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2017-03-18 4233728]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 CLVirtualBus01;@oem50.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-03-12 96008]
R3 ETD;@oem32.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 HECIx64;@oem35.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-11-26 12311776]
R3 Impcd;Impcd; C:\WINDOWS\System32\drivers\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2011-02-22 2750312]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2017-03-18 446464]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2017-09-04 177664]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-11-18 47008]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [2007-07-16 20504]
S3 HPFXFAX;HPFXFAX; C:\WINDOWS\system32\drivers\hpfx64fax.sys [2007-07-16 23064]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 RSUSBSTOR;@oem78.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2010-09-22 243712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-11-18 281416]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_316ee;CDPUserSvc_316ee; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2012-12-03 2571704]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2017-09-04 26112]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2017-03-18 47664]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 OneSyncSvc_316ee;OneSyncSvc_316ee; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 Panasonic Local Printer Service;Panasonic Local Printer Service; C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe [2010-01-09 49152]
R2 Panasonic Trap Monitor Service;Panasonic Trap Monitor Service; C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe [2004-02-26 69632]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-15 459832]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-11-18 7549928]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-11-30 718888]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_316ee;DevicesFlowUserSvc_316ee; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-08-23 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-11-29 194032]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_316ee;MessagingService_316ee; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-12-16 194000]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc_316ee;PimIndexMaintenanceSvc_316ee; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-18 52920]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 11:13
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 16:57
od tomi8
vdaka za odpoved, tu je log:

# AdwCleaner 7.0.5.0 - Logfile created on Sun Dec 17 15:56:35 2017
# Updated on 2017/29/11 by Malwarebytes
# Database: 12-15-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
PUP.Optional.MindSpark.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}


***** [ Firefox (and derivatives) ] *****

PUP.Optional.Legacy, Plugin found: Ask Toolbar - Ask.com


***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [19099 B] - [2017/12/16 21:10:56]
C:/AdwCleaner/AdwCleaner[S0].txt - [21369 B] - [2017/12/16 21:8:11]
C:/AdwCleaner/AdwCleaner[S1].txt - [1284 B] - [2017/12/17 15:53:34]


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 18:22
od Rudy
Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 19:12
od tomi8
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
Ran by Stefi (administrator) on STEFI-PC (17-12-2017 19:08:01)
Running from C:\Users\Stefi\Desktop
Loaded Profiles: Stefi & DefaultAppPool (Available Profiles: Stefi & DefaultAppPool)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Panasonic) C:\Program Files (x86)\Panasonic\TrapMonitor\Trapmnnt.exe
(Panasonic System Networks Co., Ltd.) C:\Program Files (x86)\Panasonic\LocalCom\LMSRVNT.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\Power2Go9\CLMLSvc_P2G9.exe
(Panasonic System Networks Co., Ltd.) C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe
(Panasonic System Networks Co., Ltd. ) C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.12111.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-18] (AVAST Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [688184 2012-02-15] (Sony Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G9] => C:\Program Files (x86)\Cyberlink\Power2Go9\CLMLSvc_P2G9.exe [110344 2014-08-11] (CyberLink)
HKLM-x32\...\Run: [Panasonic Device Monitor Wakeup] => C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe [413696 2010-01-09] (Panasonic System Networks Co., Ltd.)
HKLM-x32\...\Run: [Panasonic Device Manager for Multi-Function Station software] => C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe [139264 2011-03-17] (Panasonic System Networks Co., Ltd. )
HKLM-x32\...\Run: [Panasonic PCFAX for Multi-Function Station software] => C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe [811008 2011-03-08] (Panasonic System Networks Co., Ltd. )
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-20007476-2895584855-1217097544-1000\...\Run: [Power2GoExpress9] => C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe [2397448 2014-08-11] (CyberLink Corp.)
HKU\S-1-5-21-20007476-2895584855-1217097544-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-13] (Piriform Ltd)
HKU\S-1-5-21-20007476-2895584855-1217097544-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [804352 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{698b6fcd-8b89-444c-8419-80c4899dad97}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8b41cf5d-9847-4cfe-a770-6d89861890d8}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about&#058;Tabs
HKU\S-1-5-21-20007476-2895584855-1217097544-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.sk/?gws_rd=ssl#spf=1
HKU\S-1-5-21-20007476-2895584855-1217097544-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
SearchScopes: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10181_1345_171214__yaie&p={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-23] (Sun Microsystems, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Stefi\AppData\Roaming\Mozilla\Firefox\Profiles\esmni97s.default [2017-12-17]
FF Homepage: Mozilla\Firefox\Profiles\esmni97s.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10181_1345_171214__yaff
FF NewTab: Mozilla\Firefox\Profiles\esmni97s.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10181_1345_171214__yaff
FF Extension: (Ask Toolbar) - C:\Users\Stefi\AppData\Roaming\Mozilla\Firefox\Profiles\esmni97s.default\Extensions\toolbar@ask.com [2012-12-12] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-08-02] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2011-12-02] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2017-12-14] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2017-12-14] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default [2017-12-17]
CHR Extension: (Dokumenty) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-02]
CHR Extension: (Disk Google) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-18]
CHR Extension: (YouTube) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Google Search) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Avast SafePrice) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-12-16]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-08]
CHR Extension: (IE Tab) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-11-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-02]
CHR Extension: (Gmail) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\Stefi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-18] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-18] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 Panasonic Local Printer Service; C:\Program Files (x86)\Panasonic\LocalCom\LMSRVNT.EXE [49152 2010-01-09] (Panasonic System Networks Co., Ltd.) [File not signed]
R2 Panasonic Trap Monitor Service; C:\Program Files (x86)\Panasonic\TrapMonitor\Trapmnnt.exe [69632 2004-02-26] (Panasonic) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-18] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-18] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-18] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-18] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-18] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-18] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-18] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-18] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-18] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-18] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-18] (AVAST Software)
R3 CLVirtualBus01; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [96008 2014-03-12] (CyberLink)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-12-17] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-12-17] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-12-17] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-12-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-12-17] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-12-17] (Malwarebytes)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-17 19:08 - 2017-12-17 19:08 - 000023830 _____ C:\Users\Stefi\Desktop\FRST.txt
2017-12-17 19:07 - 2017-12-17 19:03 - 002392064 _____ (Farbar) C:\Users\Stefi\Desktop\FRST64.exe
2017-12-17 19:05 - 2017-12-17 19:06 - 000023832 _____ C:\Users\Stefi\Downloads\FRST.txt
2017-12-17 19:04 - 2017-12-17 19:05 - 000000000 ____D C:\FRST
2017-12-17 19:03 - 2017-12-17 19:03 - 002392064 _____ (Farbar) C:\Users\Stefi\Downloads\FRST64.exe
2017-12-17 16:51 - 2017-12-17 16:50 - 008187336 _____ (Malwarebytes) C:\Users\Stefi\Desktop\adwcleaner_7.0.5.0 (1).exe
2017-12-17 16:50 - 2017-12-17 16:50 - 008187336 _____ (Malwarebytes) C:\Users\Stefi\Downloads\adwcleaner_7.0.5.0 (1).exe
2017-12-17 08:33 - 2017-12-17 08:33 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-12-17 08:31 - 2017-12-17 08:31 - 000000000 ____H C:\ProgramData\cm-lock
2017-12-17 08:27 - 2017-12-17 08:27 - 000025238 _____ C:\Users\Stefi\Desktop\malwresult.txt
2017-12-17 00:23 - 2017-12-17 18:16 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-12-17 00:22 - 2017-12-17 18:16 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-12-17 00:22 - 2017-12-17 18:16 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-12-17 00:22 - 2017-12-17 18:15 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-12-17 00:22 - 2017-12-17 08:36 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-12-17 00:07 - 2017-12-17 08:36 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-12-16 23:57 - 2017-12-17 00:07 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-16 23:57 - 2017-12-17 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-16 23:57 - 2017-12-16 23:57 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-16 23:56 - 2017-12-16 23:56 - 000000000 ____D C:\ProgramData\MB2Migration
2017-12-16 23:42 - 2017-12-16 23:42 - 000000000 ___RD C:\Users\Stefi\3D Objects
2017-12-16 23:32 - 2017-12-16 23:33 - 083316440 _____ (Malwarebytes ) C:\Users\Stefi\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2017-12-16 23:22 - 2017-12-16 23:23 - 000000000 ____D C:\rsit
2017-12-16 23:22 - 2017-12-16 23:22 - 000000000 ____D C:\Program Files\trend micro
2017-12-16 23:20 - 2017-12-16 23:20 - 001222144 _____ C:\Users\Stefi\Downloads\RSITx64.exe
2017-12-16 22:58 - 2017-12-16 22:59 - 000687568 _____ C:\Users\Stefi\Desktop\cc_20171216_225852.reg
2017-12-16 22:23 - 2017-12-16 22:23 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-12-16 22:23 - 2017-12-16 22:23 - 000002856 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-12-16 22:23 - 2017-12-16 22:23 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-12-16 22:23 - 2017-12-16 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-16 22:23 - 2017-12-16 22:23 - 000000000 ____D C:\Program Files\CCleaner
2017-12-16 22:03 - 2017-12-16 22:03 - 011201632 _____ (Piriform Ltd) C:\Users\Stefi\Downloads\ccsetup538.exe
2017-12-15 22:55 - 2017-12-17 16:56 - 000000000 ____D C:\AdwCleaner
2017-12-15 22:55 - 2017-12-15 22:55 - 008187336 _____ (Malwarebytes) C:\Users\Stefi\Downloads\adwcleaner_7.0.5.0.exe
2017-12-15 22:30 - 2017-12-15 22:30 - 009694960 _____ (Crawler Group ) C:\Users\Stefi\Downloads\SpywareTerminatorSetup.exe
2017-12-15 08:45 - 2017-12-15 08:45 - 000045704 _____ () C:\WINDOWS\system32\Drivers\staport.sys
2017-12-14 22:34 - 2017-12-14 22:34 - 000001278 _____ C:\Users\Public\Desktop\Free MKV Player.lnk
2017-12-14 22:34 - 2017-12-14 22:34 - 000000000 ____D C:\Program Files (x86)\Free MKV Player
2017-12-14 22:33 - 2017-12-16 22:10 - 000000000 ____D C:\Users\Stefi\AppData\Roaming\Lavasoft
2017-12-14 22:33 - 2017-12-16 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-12-14 22:33 - 2017-12-14 22:33 - 000000000 ____D C:\Users\Stefi\AppData\Local\Lavasoft
2017-12-14 22:32 - 2017-12-16 22:10 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-12-14 22:28 - 2017-12-14 22:28 - 047710331 _____ (Free MKV Player) C:\Users\Stefi\Downloads\mkvplayer_setup.exe
2017-12-12 22:54 - 2017-12-12 22:55 - 000000000 ___HD C:\$WINDOWS.~BT
2017-12-09 22:13 - 2017-12-09 22:17 - 000000000 ____D C:\Users\Stefi\Desktop\jakub školka 2.tr
2017-12-09 17:48 - 2017-12-09 17:48 - 000000000 ____D C:\Users\Stefi\AppData\Local\{0ED45BDA-09C4-4819-881F-ABC10718B8DA}
2017-12-07 08:38 - 2017-12-07 08:38 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-03 22:21 - 2017-12-03 22:21 - 000000000 ____D C:\MATS
2017-12-03 22:17 - 2017-12-03 22:17 - 000221662 _____ C:\Users\Stefi\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab
2017-12-03 21:36 - 2017-12-14 08:58 - 000000000 ____D C:\Users\Stefi\Desktop\vyvolať foto cez happyfoto
2017-11-27 08:04 - 2017-11-27 08:04 - 000024439 _____ C:\Users\Stefi\Desktop\3067273514.pdf
2017-11-18 08:50 - 2017-11-18 08:49 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2017-11-18 08:49 - 2017-11-18 08:49 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-17 18:59 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-17 18:55 - 2017-09-04 21:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-17 18:13 - 2017-09-04 22:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-17 17:51 - 2017-09-04 21:33 - 000000000 ____D C:\Users\Stefi
2017-12-17 17:51 - 2017-09-04 21:33 - 000000000 ____D C:\Users\DefaultAppPool
2017-12-17 17:04 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-17 16:58 - 2016-05-27 07:31 - 000000000 ____D C:\Users\Stefi\AppData\Local\Packages
2017-12-17 16:49 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-17 08:30 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-12-16 23:57 - 2014-10-13 20:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-16 23:57 - 2014-10-13 20:51 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-12-16 23:47 - 2014-01-27 22:57 - 000000000 ____D C:\Program Files (x86)\VS Revo Group
2017-12-16 23:47 - 2012-12-12 01:48 - 000000000 ____D C:\Users\Stefi\AppData\Roaming\Philipp Winterberg
2017-12-16 23:46 - 2011-08-23 12:14 - 000001024 ___RH C:\Users\Public\Documents\NTIMMV9Acer.dll
2017-12-16 23:46 - 2011-07-20 08:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-12-16 23:45 - 2011-08-23 12:15 - 000001024 ___RH C:\Users\Public\Documents\NTILiveUpdateV9.dll
2017-12-16 23:44 - 2011-08-23 12:14 - 000001024 ___RH C:\Users\Public\Documents\NTIMMV9REGET.dll
2017-12-16 23:29 - 2011-12-02 22:10 - 000000000 ____D C:\Users\Stefi\AppData\Local\VirtualStore
2017-12-16 23:21 - 2012-05-18 20:44 - 000000000 ____D C:\Program Files (x86)\AVerMedia
2017-12-16 23:11 - 2012-04-20 21:09 - 000000000 ____D C:\Program Files (x86)\Nokia
2017-12-16 23:11 - 2012-01-05 18:46 - 000000000 ____D C:\Users\Stefi\AppData\Roaming\Nokia
2017-12-16 23:03 - 2017-01-17 09:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-16 23:03 - 2014-03-09 21:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-16 22:56 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-16 22:44 - 2017-08-23 19:31 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-16 22:44 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-16 22:44 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-16 22:30 - 2017-01-18 12:11 - 000000000 ____D C:\Users\Stefi\AppData\LocalLow\Mozilla
2017-12-16 22:22 - 2012-05-08 17:28 - 000000000 ____D C:\Users\Stefi\AppData\Roaming\Mozilla
2017-12-16 22:21 - 2014-11-11 20:51 - 000001462 _____ C:\WINDOWS\wininit.ini
2017-12-16 22:21 - 2014-03-09 21:47 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-16 22:10 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-16 22:10 - 2014-10-13 20:52 - 000000000 ____D C:\ProgramData\Lavasoft
2017-12-16 22:01 - 2016-10-23 22:26 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-12-15 08:44 - 2017-09-04 21:32 - 004675388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-15 08:44 - 2016-10-04 17:23 - 002297758 _____ C:\WINDOWS\system32\perfh01B.dat
2017-12-15 08:44 - 2016-10-04 17:23 - 000685556 _____ C:\WINDOWS\system32\perfc01B.dat
2017-12-14 22:17 - 2014-11-10 21:01 - 000000000 ____D C:\Users\Stefi\AppData\Roaming\vlc
2017-12-14 22:12 - 2014-11-10 21:00 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-12-14 21:54 - 2012-10-02 17:06 - 000000000 ____D C:\Users\Stefi\Desktop\filmy
2017-12-14 18:44 - 2016-05-30 09:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-14 08:59 - 2017-10-17 11:35 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-14 08:59 - 2016-05-30 09:12 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-12 22:14 - 2017-11-15 12:19 - 009497600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-12-12 22:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-12 22:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-09 14:29 - 2017-09-04 22:02 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-20007476-2895584855-1217097544-1000
2017-12-09 14:29 - 2016-05-27 07:44 - 000002371 _____ C:\Users\Stefi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-09 14:29 - 2016-05-27 07:44 - 000000000 ___RD C:\Users\Stefi\OneDrive
2017-12-07 08:44 - 2015-08-20 20:03 - 000002288 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-07 08:44 - 2015-08-20 20:03 - 000002276 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-07 08:38 - 2017-09-04 22:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-12-05 09:20 - 2017-09-04 22:02 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-12-03 22:22 - 2012-01-10 17:31 - 000000000 ____D C:\Users\Stefi\AppData\Local\ElevatedDiagnostics
2017-12-03 22:21 - 2011-07-20 08:57 - 000000000 ____D C:\Program Files (x86)\EgisTec Shredder
2017-12-03 21:59 - 2012-01-05 18:25 - 000000000 ____D C:\Users\Stefi\AppData\Local\Downloaded Installations
2017-11-30 22:03 - 2010-11-21 04:27 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-30 10:31 - 2016-07-04 14:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-23 18:16 - 2014-10-14 20:11 - 000000000 ____D C:\Users\Stefi\Desktop\scan
2017-11-20 08:55 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-18 08:50 - 2017-09-15 08:41 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-11-18 08:50 - 2016-12-25 14:37 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-11-18 08:49 - 2016-12-25 14:37 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151099143193703
2017-11-18 08:49 - 2016-12-25 14:37 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-11-18 08:49 - 2016-12-25 14:37 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-11-18 08:49 - 2016-12-25 14:37 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-11-18 08:49 - 2016-12-25 14:37 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-11-18 08:49 - 2016-12-25 14:37 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-11-18 08:49 - 2016-12-25 14:37 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-11-18 08:48 - 2017-03-14 12:40 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-11-18 08:48 - 2017-03-14 12:40 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-11-18 08:48 - 2017-03-14 12:40 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-11-18 08:48 - 2017-03-14 12:40 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-11-18 08:48 - 2016-12-25 14:37 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-11-18 08:47 - 2017-09-04 22:02 - 000003454 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-18 08:47 - 2017-09-04 22:02 - 000003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

Some files in TEMP:
====================
2017-12-16 23:11 - 2017-12-16 23:11 - 000001536 _____ () C:\Users\Stefi\AppData\Local\Temp\NEventMessages.dll
2017-12-16 23:07 - 2017-12-16 23:07 - 000001536 _____ () C:\Users\Stefi\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-12 08:51

==================== End of FRST.txt ============================

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 19:53
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07] (Microsoft Corporation.)
C:\Program Files (x86)\Microsoft\BingBar
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2017-12-14] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2017-12-14] <==== ATTENTION
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Stefi\AppData\Local\Temp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 20:08
od tomi8
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-12-2017
Ran by Stefi (17-12-2017 20:00:05) Run:1
Running from C:\Users\Stefi\Desktop
Loaded Profiles: Stefi & DefaultAppPool (Available Profiles: Stefi & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-20007476-2895584855-1217097544-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE04
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07] (Microsoft Corporation.)
C:\Program Files (x86)\Microsoft\BingBar
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2017-12-14] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2017-12-14] <==== ATTENTION
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Stefi\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-20007476-2895584855-1217097544-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{93a3111f-4f74-4ed8-895e-d9708497629e} => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removed successfully
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => removed successfully
HKLM\Software\Classes\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found
"HKU\S-1-5-21-20007476-2895584855-1217097544-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removed successfully
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => removed successfully
C:\Program Files (x86)\Microsoft\BingBar => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
"HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js => moved successfully
C:\Program Files (x86)\mozilla firefox\dsengine.cfg => moved successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\Stefi\AppData\Local\Temp" folder move:

Could not move "C:\Users\Stefi\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45269885 B
Java, Flash, Steam htmlcache => 1100 B
Windows/system/drivers => 4407094 B
Edge => 5418088 B
Chrome => 147223 B
Firefox => 36315005 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 3266 B
NetworkService => 0 B
Stefi => 57188609 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 149.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-12-2017 20:04:01)

C:\Users\Stefi\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:04:07 ====

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 21:15
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 22:05
od tomi8
zdravim, je to lepsie, ale po zapnuti NB je stale HDD na 100% urcity cas, a po case cca 3-5 min.sa vrati na normal.
Moze byt este niekde problem?

dakujem.

Tomas

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 17 pro 2017 22:16
od tomi8
pozeral som este na "resmon", aka vlastne aktivita prebieha a vyzera to na Avast - prvotny check hdd - moze byt?

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 18 pro 2017 17:56
od Rudy
Obvykle to dělaají nepodařené aktualizace. Buď systémové, nebo antivitu. Systémové na zkoušku vypněte a pokud se stav nezmění, Avast přeinstalujte.

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 20 pro 2017 21:35
od tomi8
OK, dakujem za pomoc a rady. Ak bude potrebne, este sa ozvem. NB ide vseobecne lepsie ako predtym.
Vdaka
Tomas

Re: Prosim kontrolu logu - HDD stale na 100%

Napsal: 20 pro 2017 21:58
od Rudy
Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz