Slow startup, freezing

Posted: 04 Jan 2018 07:39
by Juraj1973
Greetings,
at my new job I was given a PC that takes 10 minutes to start, sometimes does not start at all, and now and then freezes on me temporarily or completely. It looks like nobody here really takes care of the PCs, or rather, I will not get any official help in the near future (it would take a long time to explain). If you would be willing to take a look at it, I would be very grateful.
Logfile of random's system information tool 1.16 (written by random/random)
Run by jhaluzova at 2018-01-04 07:27:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 347 GB (81%) free of 431 GB
Total RAM: 3920 MB (50% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:28:59, on 4. 1. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18860)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\jhaluzova_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 1018__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Trend Micro Osprey Plugin - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O2 - BHO: webget 1.0.0.5 - {dc264a72-fa75-4948-b881-ea8eff8e5dd2} - (no file)
O3 - Toolbar: PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll
O4 - HKLM\..\Run: [IBM Lotus Notes Preloader] "C:\Program Files (x86)\IBM\Lotus\Notes\nntspreld.exe"
O4 - HKLM\..\Run: [Power Manager Startup Utility] C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'Default user')
O4 - Global Startup: vpngui.exe.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://192.168.11.1:4343/officescan/co ... AtxEnc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = em.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = em.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = em.local
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Služba NSD (Lotus Notes Diagnostics) (Lotus Notes Diagnostics) - IBM - C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OfficeScan NT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OracleOraClient12Home1MTSRecoveryService - Oracle Corporation - C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe
O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
O23 - Service: PDF Architect 4 Manager - © pdfforge GmbH. - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
O23 - Service: OfficeScan Common Client Solution Framework (tmccsf) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11939 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe" -svcinvoke -ini "C:\ProgramData\Lotus\Notes\Data\notes.ini"
"C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe"
C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe OracleOraClient12Home1MTSRecoveryService
"C:\Program Files\PDF Architect 4\creator-ws.exe"
"C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe"
C:\Windows\system32\svchost.exe -k regsvc
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\svchost.exe -k PeerDist
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe"
\??\C:\Windows\system32\conhost.exe "-2139019375-800126694-1029334667537028357-1032818982-837150606-33852101219483871
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe" -HideWindow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE"
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Lenovo\PowerMgr\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/f ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\JHALUZ~1\AppData\Local\Temp\skype-preview Crashes" --v=1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,26,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=55D351DA2FCF1614DC6B83ED2AAC56C6 --mojo-platform-channel-handle=1412 /prefetch:2
"C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe" /service
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe"
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "211419039887806579710693318811966034848210806101221010571011941116035-563097450
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:eydrfgo89UCXxUUp.1
"C:\Program Files (x86)\Lenovo\System Update\uncserver.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.84 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7feec455720,0x7feec455760,0x7feec455738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4832 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1280,11377024377789090847,12452469032104492106,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=5FAB1DDAC52897C46DCE22F758CC50DB --mojo-platform-channel-handle=1288 --ignored=" --type=renderer " /prefetch:2
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1280,11377024377789090847,12452469032104492106,131072 --service-pipe-token=B44F8A4D61A30C362C4C8CEBCFF29538 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=B44F8A4D61A30C362C4C8CEBCFF29538 --renderer-client-id=13 --mojo-platform-channel-handle=2356 /prefetch:1
"C:\Users\jhaluzova\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1280,11377024377789090847,12452469032104492106,131072 --service-pipe-token=4111BEA535AB96F01291D1C6CBC9878C --lang=sk --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=4111BEA535AB96F01291D1C6CBC9878C --renderer-client-id=15 --mojo-platform-channel-handle=1644 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1280,11377024377789090847,12452469032104492106,131072 --service-pipe-token=123BD59B61547981C44EB41AB139B60C --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=123BD59B61547981C44EB41AB139B60C --renderer-client-id=17 --mojo-platform-channel-handle=4996 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\Windows\tasks\Digital Sites.job - C:\Users\admin\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Digital Sites - C:\Users\admin\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\MCP - "C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" /start
C:\Windows\system32\tasks\PMTask - C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe
C:\Windows\system32\tasks\{028B6CD3-4999-49C1-876C-70B7943F0810} - C:\Windows\system32\pcalua.exe -a "C:\Users\jhaluzova\Desktop\USB kľúč\Nový priečinok\EGM\1111\assik - instal\vpnclient-winx64-msi-5.0.07.0290-k9.exe" -d "C:\Users\jhaluzova\Desktop\USB kľúč\Nový priečinok\EGM\1111\assik - instal"
C:\Windows\system32\tasks\{ADED72D0-511E-41EA-9C24-6080D34DA8B9} - C:\Windows\system32\pcalua.exe -a E:\Oracle_client_Win7(64)\setup.exe -d E:\Oracle_client_Win7(64)
C:\Windows\system32\tasks\TVT\TVSUUpdateTask - "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" /CM -search C -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask
C:\Windows\system32\tasks\TVT\TVSUUpdateTask_UserLogOn - "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" PendingTask
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\Windows\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\Windows\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\Windows\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan

=========Google Chrome=========

C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Homepage:
default_search_provider.search_url:
C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentácie 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 0 Adblock Plus 1.13.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabuľky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6317.1002.0.5
Homepage: http://wwww.google.sk/
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
Trend Micro Osprey Plugin - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2015-06-17 453632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}]
PDF Architect 4 Helper - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-11 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
Trend Micro Osprey Plugin - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2015-06-17 338432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-11 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc264a72-fa75-4948-b881-ea8eff8e5dd2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - PDF Architect 4 Toolbar - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05 547040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-10 11663976]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-11-08 10024624]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2017-12-10 57446848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2014-01-29 399832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2014-01-29 171992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-05-24 111488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe [2006-11-22 3768320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IBM Lotus Notes Preloader"=C:\Program Files (x86)\IBM\Lotus\Notes\nntspreld.exe [2010-08-11 20360]
"Power Manager Startup Utility"=C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [2015-03-13 27392]
"OfficeScanNT Monitor"=C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [2015-07-24 2462336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConnectHomeDirToRoot"=1
"NoDispScrSavPage"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DefaultLogonDomain"=em.local
"DisableStartupSound"=1
"LogonType"=0
"Allow-LogonScript-NetbiosDisabled"=1
"HideShutdownScripts"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoBandCustomize"=1
"NoActiveDesktop"=1
"NoDesktopCleanupWizard"=1
"NoCloseDragDropBands"=1
"ForceStartMenuLogOff"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoWelcomeScreen"=1
"NoDriveTypeAutoRun"=181
"NoAutorun"=1
"NoPublishingWizard"=1
"NoOnlinePrintsWizard"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-01-04 07:28:50 ----D---- C:\Program Files\trend micro
2018-01-04 07:27:21 ----D---- C:\rsit
2017-12-13 07:25:07 ----A---- C:\Windows\system32\mshtml.dll
2017-12-13 07:25:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-12-13 07:25:06 ----A---- C:\Windows\system32\ieframe.dll
2017-12-13 07:25:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-12-13 07:25:05 ----A---- C:\Windows\system32\jscript9.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\win32k.sys
2017-12-13 07:25:04 ----A---- C:\Windows\system32\vbscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 07:25:04 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\jscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\itss.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\rtm.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\itss.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\itircl.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\wininet.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\webcheck.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\msrating.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\ieui.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\iertutil.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\tzres.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\occache.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\inseng.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\iesetup.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\iernonce.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-13 07:25:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-12-07 14:19:54 ----D---- C:\Program Files\SAMSUNG
2017-12-07 14:19:08 ----D---- C:\ProgramData\Samsung
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-12-05 11:12:33 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-12-05 11:12:33 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-12-05 11:12:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-12-05 11:12:33 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-12-05 11:12:32 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-12-05 11:12:28 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-12-05 11:12:28 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-12-05 11:12:27 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-12-05 11:12:27 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-12-05 11:12:26 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\user.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-12-05 11:12:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-12-05 11:12:19 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-12-05 11:12:19 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\tquery.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-12-05 11:11:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-12-05 11:11:42 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssvp.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssrch.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssprxy.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssphtb.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssph.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssitlb.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\msshooks.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\msscntrs.dll
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-12-05 11:11:40 ----A---- C:\Windows\system32\wow64win.dll
2017-12-05 11:11:40 ----A---- C:\Windows\system32\wow64cpu.dll
2017-12-05 11:11:40 ----A---- C:\Windows\system32\wow64.dll
2017-12-05 11:11:40 ----A---- C:\Windows\system32\ntvdm64.dll
2017-12-05 11:11:40 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlansvc.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlansec.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlanmsm.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlanhlp.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlanapi.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\winsrv.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\ucrtbase.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\themeui.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\icaapi.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\srcore.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\srclient.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\smss.exe
2017-12-05 11:11:36 ----A---- C:\Windows\system32\rstrui.exe
2017-12-05 11:11:36 ----A---- C:\Windows\system32\rdpcore.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\msctf.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\srv.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\apisetschema.dll
2017-12-05 11:11:35 ----A---- C:\Windows\system32\schannel.dll
2017-12-05 11:11:35 ----A---- C:\Windows\system32\msv1_0.dll
2017-12-05 11:11:35 ----A---- C:\Windows\system32\kerberos.dll
2017-12-05 11:11:35 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-12-05 11:11:34 ----A---- C:\Windows\system32\wdigest.dll
2017-12-05 11:11:34 ----A---- C:\Windows\system32\TSpkg.dll
2017-12-05 11:11:34 ----A---- C:\Windows\system32\credssp.dll
2017-12-05 11:11:32 ----A---- C:\Windows\system32\rpchttp.dll
2017-12-05 11:11:32 ----A---- C:\Windows\system32\rpcrt4.dll
2017-12-05 11:11:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-12-05 11:11:30 ----A---- C:\Windows\system32\ntdll.dll
2017-12-05 11:11:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-12-05 11:11:30 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-12-05 11:11:30 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-12-05 11:11:29 ----A---- C:\Windows\system32\msobjs.dll
2017-12-05 11:11:29 ----A---- C:\Windows\system32\msaudite.dll
2017-12-05 11:11:29 ----A---- C:\Windows\system32\auditpol.exe
2017-12-05 11:11:29 ----A---- C:\Windows\system32\adtschema.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-12-05 11:11:28 ----A---- C:\Windows\system32\wmploc.DLL
2017-12-05 11:11:27 ----A---- C:\Windows\system32\wmp.dll
2017-12-05 11:11:27 ----A---- C:\Windows\system32\spwmp.dll
2017-12-05 11:11:27 ----A---- C:\Windows\system32\rrinstaller.exe
2017-12-05 11:11:27 ----A---- C:\Windows\system32\mfps.dll
2017-12-05 11:11:27 ----A---- C:\Windows\system32\mfpmp.exe
2017-12-05 11:11:27 ----A---- C:\Windows\system32\mferror.dll
2017-12-05 11:11:27 ----A---- C:\Windows\system32\dxmasf.dll
2017-12-05 11:11:26 ----A---- C:\Windows\system32\mf.dll
2017-12-05 11:11:25 ----A---- C:\Windows\system32\sspisrv.dll
2017-12-05 11:11:25 ----A---- C:\Windows\system32\sspicli.dll
2017-12-05 11:11:25 ----A---- C:\Windows\system32\secur32.dll
2017-12-05 11:11:25 ----A---- C:\Windows\system32\lsass.exe
2017-12-05 11:11:25 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-12-05 11:11:24 ----A---- C:\Windows\system32\lsasrv.dll
2017-12-05 11:11:24 ----A---- C:\Windows\system32\KernelBase.dll
2017-12-05 11:11:24 ----A---- C:\Windows\system32\kernel32.dll
2017-12-05 11:11:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-12-05 11:11:24 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-12-05 11:11:08 ----A---- C:\Windows\system32\lpk.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\gdi32.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\fontsub.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\dciman32.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\atmlib.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\atmfd.dll
2017-12-05 11:11:07 ----A---- C:\Windows\system32\t2embed.dll
2017-12-05 11:11:04 ----A---- C:\Windows\system32\csrsrv.dll
2017-12-05 11:11:04 ----A---- C:\Windows\system32\cryptbase.dll
2017-12-05 11:11:03 ----A---- C:\Windows\system32\conhost.exe
2017-12-05 11:11:02 ----A---- C:\Windows\system32\Query.dll
2017-12-05 11:11:02 ----A---- C:\Windows\system32\certcli.dll
2017-12-05 11:11:01 ----A---- C:\Windows\system32\bcrypt.dll
2017-12-05 11:10:59 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-12-05 11:10:58 ----A---- C:\Windows\system32\drivers\appid.sys
2017-12-05 11:10:58 ----A---- C:\Windows\system32\appidsvc.dll
2017-12-05 11:10:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-12-05 11:10:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-12-05 11:10:58 ----A---- C:\Windows\system32\appidapi.dll
2017-12-05 11:10:58 ----A---- C:\Windows\system32\advapi32.dll
2017-12-05 11:10:28 ----A---- C:\Windows\system32\invagent.dll
2017-12-05 11:10:28 ----A---- C:\Windows\system32\devinv.dll
2017-12-05 11:10:28 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-12-05 11:10:28 ----A---- C:\Windows\system32\appraiser.dll
2017-12-05 11:10:28 ----A---- C:\Windows\system32\aitstatic.exe
2017-12-05 11:10:28 ----A---- C:\Windows\system32\acmigration.dll
2017-12-05 11:10:27 ----A---- C:\Windows\system32\generaltel.dll
2017-12-05 11:10:27 ----A---- C:\Windows\system32\aepic.dll
2017-12-05 11:10:27 ----A---- C:\Windows\system32\aeinv.dll
2017-12-05 11:10:26 ----A---- C:\Windows\system32\centel.dll

====== List of files/folders modified in the last 1 month ======

2018-01-04 07:29:01 ----D---- C:\Windows\Temp
2018-01-04 07:29:00 ----D---- C:\Windows\Prefetch
2018-01-04 07:28:50 ----RD---- C:\Program Files
2018-01-04 07:03:13 ----A---- C:\Windows\ntbtlog.txt
2018-01-04 06:49:29 ----D---- C:\Windows\system32\config
2018-01-03 09:35:48 ----SHD---- C:\System Volume Information
2018-01-03 06:58:46 ----D---- C:\Windows\System32
2017-12-21 14:01:39 ----D---- C:\ProgramData\pdf995
2017-12-20 15:09:30 ----D---- C:\Windows\Minidump
2017-12-20 15:09:23 ----D---- C:\Windows
2017-12-18 07:52:04 ----D---- C:\Windows\inf
2017-12-18 07:52:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-14 07:54:16 ----D---- C:\Windows\rescache
2017-12-14 06:59:04 ----D---- C:\Windows\winsxs
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\Setup
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\en-US
2017-12-13 15:07:52 ----D---- C:\Windows\SysWOW64
2017-12-13 15:07:52 ----D---- C:\Program Files\Internet Explorer
2017-12-13 15:07:52 ----D---- C:\Program Files (x86)\Internet Explorer
2017-12-13 15:07:50 ----D---- C:\Windows\system32\sk-SK
2017-12-13 15:07:50 ----D---- C:\Windows\system32\Setup
2017-12-13 15:07:50 ----D---- C:\Windows\system32\en-US
2017-12-13 15:07:47 ----D---- C:\Windows\system32\drivers
2017-12-13 11:05:50 ----SHD---- C:\Windows\Installer
2017-12-13 11:05:50 ----SHD---- C:\Config.Msi
2017-12-13 11:05:49 ----D---- C:\ProgramData\Microsoft Help
2017-12-13 07:17:30 ----D---- C:\Windows\system32\catroot2
2017-12-08 07:30:35 ----D---- C:\Windows\SYSWOW64\migration
2017-12-08 07:30:35 ----D---- C:\Program Files\Windows Media Player
2017-12-08 07:30:35 ----D---- C:\Program Files (x86)\Windows Media Player
2017-12-08 07:30:26 ----D---- C:\Windows\system32\migration
2017-12-08 07:30:26 ----D---- C:\Windows\system32\drivers\en-US
2017-12-08 07:30:13 ----D---- C:\Windows\AppPatch
2017-12-08 07:30:12 ----D---- C:\Windows\system32\Boot
2017-12-08 07:30:08 ----D---- C:\Windows\system32\DriverStore
2017-12-08 07:06:11 ----D---- C:\Windows\system32\appraiser
2017-12-07 14:19:08 ----HD---- C:\ProgramData
2017-12-07 11:04:54 ----RD---- C:\Program Files (x86)
2017-12-07 11:04:54 ----D---- C:\ProgramData\Skype

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2015-12-09 324408]
R1 TmLwf;Trend Micro NDIS 6.0 Filter Driver; C:\Windows\system32\DRIVERS\tmlwf.sys [2015-06-16 157432]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2013-06-18 109080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2015-12-09 119096]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2015-12-09 78136]
R2 TmFilter;Trend Micro Filter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [2015-07-02 368392]
R2 TmPreFilter;Trend Micro PreFilter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [2015-07-02 44808]
R2 tmWfp;Trend Micro WFP Callout Driver; C:\Windows\system32\DRIVERS\tmwfp.sys [2015-06-16 290296]
R2 VSApiNt;Trend Micro VSAPI NT; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2015-07-02 2384136]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2006-11-22 107008]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-11 2676328]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-22 56600]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-27 40248]
R3 tmeevw;tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [2015-06-08 116576]
R3 tmusa;Trend Micro Osprey Driver; C:\Windows\system32\DRIVERS\tmusa.sys [2015-06-22 116536]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 41536]
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tmnciesc;tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [2015-05-28 416608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 Wibukey2_64;Wibukey2_64; C:\Windows\system32\drivers\wibukey2_64.sys [2006-11-09 16896]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Lotus Notes Diagnostics;Služba NSD (Lotus Notes Diagnostics); C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe [2010-08-11 3417480]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe [2010-08-11 58760]
R2 ntrtscan;OfficeScan NT RealTime Scan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [2015-12-24 5269056]
R2 OracleOraClient12Home1MTSRecoveryService;OracleOraClient12Home1MTSRecoveryService; C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe [2013-06-28 59904]
R2 PDF Architect 4 Creator;PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [2016-08-05 851168]
R2 PDF Architect 4 Manager;PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [2016-05-18 972056]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-12-03 743688]
R2 tmlisten;OfficeScan NT Listener; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [2015-12-24 5229232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
R3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
R3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [2015-03-13 63744]
R3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2017-08-16 23928]
R3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [2015-12-28 592952]
R3 tmccsf;OfficeScan Common Client Solution Framework; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [2015-12-24 728024]
R3 TmPfw;OfficeScan NT Firewall; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [2015-05-14 601360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MSSQL$CADMAN;SQL Server (CADMAN); C:\SQLEXPRESS\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-14 116224]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [2016-08-05 1038048]
S3 PDF Architect 4;PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2016-08-05 2438880]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [2015-03-13 186624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-03 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-05-24 325504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-05-24 2593664]
S4 WkSvw32.exe;WIBU-KEY Server; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [2006-11-22 577536]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------


Thanks once again for any help.

Re: Slow startup, freezes

Posted: 04 Jan 2018 13:42
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: Slow startup, freezes

Posted: 04 Jan 2018 14:01
by Juraj1973
..I had read around here a bit and anticipated the first step


# AdwCleaner 7.0.6.0 - Logfile created on Thu Jan 04 07:01:42 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\admin\AppData\Roaming\DigitalSites
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:\Users\admin\AppData\Roaming\Systweak
Deleted: C:\Users\admin\AppData\Local\Temp\webget


***** [ Files ] *****

Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
Deleted: C:\Windows\SysNative\roboot64.exe


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Digital Sites


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-1919720188-2406133624-971806895-2106\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC264A72-FA75-4948-B881-EA8EFF8E5DD2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted: [Key] - HKLM\SOFTWARE\systweak
Deleted: [Key] - HKLM\SOFTWARE\webget
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: webget -
Plugin deleted: webget -


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [3581 B] - [2018/1/4 7:1:14]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Slow startup, freezes

Posted: 04 Jan 2018 14:57
by Rudy
OK. Post a new RSIT log.

Re: Slow startup, freezes

Posted: 04 Jan 2018 15:03
by Juraj1973
Logfile of random's system information tool 1.16 (written by random/random)
Run by jhaluzova at 2018-01-04 15:02:20
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 347 GB (81%) free of 431 GB
Total RAM: 3920 MB (47% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:02:23, on 4. 1. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18860)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\trend micro\jhaluzova_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 1018__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Trend Micro Osprey Plugin - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll
O4 - HKLM\..\Run: [IBM Lotus Notes Preloader] "C:\Program Files (x86)\IBM\Lotus\Notes\nntspreld.exe"
O4 - HKLM\..\Run: [Power Manager Startup Utility] C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'Default user')
O4 - Global Startup: vpngui.exe.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://192.168.11.1:4343/officescan/co ... AtxEnc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = em.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = em.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = em.local
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Služba NSD (Lotus Notes Diagnostics) (Lotus Notes Diagnostics) - IBM - C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OfficeScan NT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OracleOraClient12Home1MTSRecoveryService - Oracle Corporation - C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe
O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
O23 - Service: PDF Architect 4 Manager - © pdfforge GmbH. - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
O23 - Service: OfficeScan Common Client Solution Framework (tmccsf) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11747 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe" -svcinvoke -ini "C:\ProgramData\Lotus\Notes\Data\notes.ini"
"C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe"
C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe OracleOraClient12Home1MTSRecoveryService
"C:\Program Files\PDF Architect 4\creator-ws.exe"
"C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe"
C:\Windows\system32\svchost.exe -k regsvc
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\svchost.exe -k PeerDist
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe"
\??\C:\Windows\system32\conhost.exe "1256975351066479331193662073-11560283912857810191822029179-319502301-877946416
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe" -HideWindow
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE"
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Lenovo\PowerMgr\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/f ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\JHALUZ~1\AppData\Local\Temp\skype-preview Crashes" --v=1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,26,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=32360B4214ABF597481D249051BAAA9F --mojo-platform-channel-handle=1432 /prefetch:2
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --no-sandbox --register-pepper-plugins="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\VideoRenderer.dll;application/x-slimcore-video-renderer" --primordial-pipe-token=39F7F8E77273C389BD3482DF583400EC --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=39F7F8E77273C389BD3482DF583400EC --renderer-client-id=4 --mojo-platform-channel-handle=1744 /prefetch:1
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\jhaluzova\Desktop\AdwCleaner[C0].txt
"C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe" /service
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.84 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fef53d5720,0x7fef53d5760,0x7fef53d5738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4880 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1052,5952519034727021003,2205982532752000981,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=1D6E1AB413F26EC01F67968DAA598E42 --mojo-platform-channel-handle=1068 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1052,5952519034727021003,2205982532752000981,131072 --service-pipe-token=F5587A2369128BD416318A98F718FF27 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --service-request-channel-token=F5587A2369128BD416318A98F718FF27 --renderer-client-id=9 --mojo-platform-channel-handle=4204 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1052,5952519034727021003,2205982532752000981,131072 --service-pipe-token=4A647C302EC1C2BA74BE4CC9779EA39D --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --service-request-channel-token=4A647C302EC1C2BA74BE4CC9779EA39D --renderer-client-id=38 --mojo-platform-channel-handle=4808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1052,5952519034727021003,2205982532752000981,131072 --service-pipe-token=F58B4340120C0CA78B9C697EFBBC7BB0 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --service-request-channel-token=F58B4340120C0CA78B9C697EFBBC7BB0 --renderer-client-id=39 --mojo-platform-channel-handle=6564 /prefetch:1
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Users\jhaluzova\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\MCP - "C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" /start
C:\Windows\system32\tasks\PMTask - C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe
C:\Windows\system32\tasks\{028B6CD3-4999-49C1-876C-70B7943F0810} - C:\Windows\system32\pcalua.exe -a "C:\Users\jhaluzova\Desktop\USB kľúč\Nový priečinok\EGM\1111\assik - instal\vpnclient-winx64-msi-5.0.07.0290-k9.exe" -d "C:\Users\jhaluzova\Desktop\USB kľúč\Nový priečinok\EGM\1111\assik - instal"
C:\Windows\system32\tasks\{ADED72D0-511E-41EA-9C24-6080D34DA8B9} - C:\Windows\system32\pcalua.exe -a E:\Oracle_client_Win7(64)\setup.exe -d E:\Oracle_client_Win7(64)
C:\Windows\system32\tasks\TVT\TVSUUpdateTask - "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" /CM -search C -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask
C:\Windows\system32\tasks\TVT\TVSUUpdateTask_UserLogOn - "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" PendingTask
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\Windows\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\Windows\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\Windows\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan

=========Google Chrome=========

C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Homepage:
default_search_provider.search_url:
C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentácie 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 0 Adblock Plus 1.13.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabuľky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6317.1002.0.5
Homepage: http://wwww.google.sk/
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
Trend Micro Osprey Plugin - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2015-06-17 453632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}]
PDF Architect 4 Helper - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-11 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
Trend Micro Osprey Plugin - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2015-06-17 338432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-11 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - PDF Architect 4 Toolbar - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05 547040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-10 11663976]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-11-08 10024624]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2017-12-10 57446848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2014-01-29 399832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2014-01-29 171992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-05-24 111488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe [2006-11-22 3768320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IBM Lotus Notes Preloader"=C:\Program Files (x86)\IBM\Lotus\Notes\nntspreld.exe [2010-08-11 20360]
"Power Manager Startup Utility"=C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [2015-03-13 27392]
"OfficeScanNT Monitor"=C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [2015-07-24 2462336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConnectHomeDirToRoot"=1
"NoDispScrSavPage"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DefaultLogonDomain"=em.local
"DisableStartupSound"=1
"LogonType"=0
"Allow-LogonScript-NetbiosDisabled"=1
"HideShutdownScripts"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoBandCustomize"=1
"NoActiveDesktop"=1
"NoDesktopCleanupWizard"=1
"NoCloseDragDropBands"=1
"ForceStartMenuLogOff"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoWelcomeScreen"=1
"NoDriveTypeAutoRun"=181
"NoAutorun"=1
"NoPublishingWizard"=1
"NoOnlinePrintsWizard"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-01-04 07:58:59 ----D---- C:\AdwCleaner
2018-01-04 07:28:50 ----D---- C:\Program Files\trend micro
2018-01-04 07:27:21 ----D---- C:\rsit
2017-12-13 07:25:07 ----A---- C:\Windows\system32\mshtml.dll
2017-12-13 07:25:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-12-13 07:25:06 ----A---- C:\Windows\system32\ieframe.dll
2017-12-13 07:25:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-12-13 07:25:05 ----A---- C:\Windows\system32\jscript9.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\win32k.sys
2017-12-13 07:25:04 ----A---- C:\Windows\system32\vbscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 07:25:04 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\jscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\itss.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\rtm.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\itss.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\itircl.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\wininet.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\webcheck.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\msrating.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\ieui.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\iertutil.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\tzres.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\occache.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\inseng.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\iesetup.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\iernonce.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-13 07:25:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-12-07 14:19:54 ----D---- C:\Program Files\SAMSUNG
2017-12-07 14:19:08 ----D---- C:\ProgramData\Samsung
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-12-05 11:12:36 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-12-05 11:12:35 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-12-05 11:12:34 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-12-05 11:12:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-12-05 11:12:33 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-12-05 11:12:33 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-12-05 11:12:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-12-05 11:12:33 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-12-05 11:12:32 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-12-05 11:12:28 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-12-05 11:12:28 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-12-05 11:12:27 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-12-05 11:12:27 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-12-05 11:12:26 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\user.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-12-05 11:12:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-12-05 11:12:24 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-12-05 11:12:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-12-05 11:12:22 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-12-05 11:12:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-12-05 11:12:19 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-12-05 11:12:19 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-12-05 11:12:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\tquery.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-12-05 11:11:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-12-05 11:11:42 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssvp.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssrch.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssprxy.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssphtb.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssph.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\mssitlb.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\msshooks.dll
2017-12-05 11:11:42 ----A---- C:\Windows\system32\msscntrs.dll
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-12-05 11:11:41 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-12-05 11:11:40 ----A---- C:\Windows\system32\wow64win.dll
2017-12-05 11:11:40 ----A---- C:\Windows\system32\wow64cpu.dll
2017-12-05 11:11:40 ----A---- C:\Windows\system32\wow64.dll
2017-12-05 11:11:40 ----A---- C:\Windows\system32\ntvdm64.dll
2017-12-05 11:11:40 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlansvc.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlansec.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlanmsm.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlanhlp.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\wlanapi.dll
2017-12-05 11:11:39 ----A---- C:\Windows\system32\winsrv.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\ucrtbase.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-12-05 11:11:38 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\themeui.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\icaapi.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-12-05 11:11:37 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\srcore.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\srclient.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\smss.exe
2017-12-05 11:11:36 ----A---- C:\Windows\system32\rstrui.exe
2017-12-05 11:11:36 ----A---- C:\Windows\system32\rdpcore.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\msctf.dll
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\srv.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-12-05 11:11:36 ----A---- C:\Windows\system32\apisetschema.dll
2017-12-05 11:11:35 ----A---- C:\Windows\system32\schannel.dll
2017-12-05 11:11:35 ----A---- C:\Windows\system32\msv1_0.dll
2017-12-05 11:11:35 ----A---- C:\Windows\system32\kerberos.dll
2017-12-05 11:11:35 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-12-05 11:11:34 ----A---- C:\Windows\system32\wdigest.dll
2017-12-05 11:11:34 ----A---- C:\Windows\system32\TSpkg.dll
2017-12-05 11:11:34 ----A---- C:\Windows\system32\credssp.dll
2017-12-05 11:11:32 ----A---- C:\Windows\system32\rpchttp.dll
2017-12-05 11:11:32 ----A---- C:\Windows\system32\rpcrt4.dll
2017-12-05 11:11:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-12-05 11:11:30 ----A---- C:\Windows\system32\ntdll.dll
2017-12-05 11:11:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-12-05 11:11:30 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-12-05 11:11:30 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-12-05 11:11:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-12-05 11:11:29 ----A---- C:\Windows\system32\msobjs.dll
2017-12-05 11:11:29 ----A---- C:\Windows\system32\msaudite.dll
2017-12-05 11:11:29 ----A---- C:\Windows\system32\auditpol.exe
2017-12-05 11:11:29 ----A---- C:\Windows\system32\adtschema.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-12-05 11:11:28 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-12-05 11:11:28 ----A---- C:\Windows\system32\wmploc.DLL
2017-12-05 11:11:27 ----A---- C:\Windows\system32\wmp.dll
2017-12-05 11:11:27 ----A---- C:\Windows\system32\spwmp.dll
2017-12-05 11:11:27 ----A---- C:\Windows\system32\rrinstaller.exe
2017-12-05 11:11:27 ----A---- C:\Windows\system32\mfps.dll
2017-12-05 11:11:27 ----A---- C:\Windows\system32\mfpmp.exe
2017-12-05 11:11:27 ----A---- C:\Windows\system32\mferror.dll
2017-12-05 11:11:27 ----A---- C:\Windows\system32\dxmasf.dll
2017-12-05 11:11:26 ----A---- C:\Windows\system32\mf.dll
2017-12-05 11:11:25 ----A---- C:\Windows\system32\sspisrv.dll
2017-12-05 11:11:25 ----A---- C:\Windows\system32\sspicli.dll
2017-12-05 11:11:25 ----A---- C:\Windows\system32\secur32.dll
2017-12-05 11:11:25 ----A---- C:\Windows\system32\lsass.exe
2017-12-05 11:11:25 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-12-05 11:11:24 ----A---- C:\Windows\system32\lsasrv.dll
2017-12-05 11:11:24 ----A---- C:\Windows\system32\KernelBase.dll
2017-12-05 11:11:24 ----A---- C:\Windows\system32\kernel32.dll
2017-12-05 11:11:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-12-05 11:11:24 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-12-05 11:11:08 ----A---- C:\Windows\system32\lpk.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\gdi32.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\fontsub.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\dciman32.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\atmlib.dll
2017-12-05 11:11:08 ----A---- C:\Windows\system32\atmfd.dll
2017-12-05 11:11:07 ----A---- C:\Windows\system32\t2embed.dll
2017-12-05 11:11:04 ----A---- C:\Windows\system32\csrsrv.dll
2017-12-05 11:11:04 ----A---- C:\Windows\system32\cryptbase.dll
2017-12-05 11:11:03 ----A---- C:\Windows\system32\conhost.exe
2017-12-05 11:11:02 ----A---- C:\Windows\system32\Query.dll
2017-12-05 11:11:02 ----A---- C:\Windows\system32\certcli.dll
2017-12-05 11:11:01 ----A---- C:\Windows\system32\bcrypt.dll
2017-12-05 11:10:59 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-12-05 11:10:58 ----A---- C:\Windows\system32\drivers\appid.sys
2017-12-05 11:10:58 ----A---- C:\Windows\system32\appidsvc.dll
2017-12-05 11:10:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-12-05 11:10:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-12-05 11:10:58 ----A---- C:\Windows\system32\appidapi.dll
2017-12-05 11:10:58 ----A---- C:\Windows\system32\advapi32.dll
2017-12-05 11:10:28 ----A---- C:\Windows\system32\invagent.dll
2017-12-05 11:10:28 ----A---- C:\Windows\system32\devinv.dll
2017-12-05 11:10:28 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-12-05 11:10:28 ----A---- C:\Windows\system32\appraiser.dll
2017-12-05 11:10:28 ----A---- C:\Windows\system32\aitstatic.exe
2017-12-05 11:10:28 ----A---- C:\Windows\system32\acmigration.dll
2017-12-05 11:10:27 ----A---- C:\Windows\system32\generaltel.dll
2017-12-05 11:10:27 ----A---- C:\Windows\system32\aepic.dll
2017-12-05 11:10:27 ----A---- C:\Windows\system32\aeinv.dll
2017-12-05 11:10:26 ----A---- C:\Windows\system32\centel.dll

====== List of files/folders modified in the last 1 month ======

2018-01-04 15:02:24 ----D---- C:\Windows\Temp
2018-01-04 14:02:54 ----D---- C:\Windows\system32\config
2018-01-04 13:41:50 ----D---- C:\Windows\Prefetch
2018-01-04 09:29:21 ----SHD---- C:\System Volume Information
2018-01-04 08:09:49 ----D---- C:\Windows\System32
2018-01-04 08:01:39 ----D---- C:\Windows\SysWOW64
2018-01-04 07:28:50 ----RD---- C:\Program Files
2018-01-04 07:03:13 ----A---- C:\Windows\ntbtlog.txt
2017-12-21 14:01:39 ----D---- C:\ProgramData\pdf995
2017-12-20 15:09:30 ----D---- C:\Windows\Minidump
2017-12-20 15:09:23 ----D---- C:\Windows
2017-12-18 07:52:04 ----D---- C:\Windows\inf
2017-12-18 07:52:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-14 07:54:16 ----D---- C:\Windows\rescache
2017-12-14 06:59:04 ----D---- C:\Windows\winsxs
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\Setup
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\en-US
2017-12-13 15:07:52 ----D---- C:\Program Files\Internet Explorer
2017-12-13 15:07:52 ----D---- C:\Program Files (x86)\Internet Explorer
2017-12-13 15:07:50 ----D---- C:\Windows\system32\sk-SK
2017-12-13 15:07:50 ----D---- C:\Windows\system32\Setup
2017-12-13 15:07:50 ----D---- C:\Windows\system32\en-US
2017-12-13 15:07:47 ----D---- C:\Windows\system32\drivers
2017-12-13 11:05:50 ----SHD---- C:\Windows\Installer
2017-12-13 11:05:50 ----SHD---- C:\Config.Msi
2017-12-13 11:05:49 ----D---- C:\ProgramData\Microsoft Help
2017-12-13 07:17:30 ----D---- C:\Windows\system32\catroot2
2017-12-08 07:30:35 ----D---- C:\Windows\SYSWOW64\migration
2017-12-08 07:30:35 ----D---- C:\Program Files\Windows Media Player
2017-12-08 07:30:35 ----D---- C:\Program Files (x86)\Windows Media Player
2017-12-08 07:30:26 ----D---- C:\Windows\system32\migration
2017-12-08 07:30:26 ----D---- C:\Windows\system32\drivers\en-US
2017-12-08 07:30:13 ----D---- C:\Windows\AppPatch
2017-12-08 07:30:12 ----D---- C:\Windows\system32\Boot
2017-12-08 07:30:08 ----D---- C:\Windows\system32\DriverStore
2017-12-08 07:06:11 ----D---- C:\Windows\system32\appraiser
2017-12-07 14:19:08 ----HD---- C:\ProgramData
2017-12-07 11:04:54 ----RD---- C:\Program Files (x86)
2017-12-07 11:04:54 ----D---- C:\ProgramData\Skype

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2015-12-09 324408]
R1 TmLwf;Trend Micro NDIS 6.0 Filter Driver; C:\Windows\system32\DRIVERS\tmlwf.sys [2015-06-16 157432]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2013-06-18 109080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2015-12-09 119096]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2015-12-09 78136]
R2 TmFilter;Trend Micro Filter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [2015-07-02 368392]
R2 TmPreFilter;Trend Micro PreFilter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [2015-07-02 44808]
R2 tmWfp;Trend Micro WFP Callout Driver; C:\Windows\system32\DRIVERS\tmwfp.sys [2015-06-16 290296]
R2 VSApiNt;Trend Micro VSAPI NT; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2015-07-02 2384136]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2006-11-22 107008]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-11 2676328]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-22 56600]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-27 40248]
R3 tmeevw;tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [2015-06-08 116576]
R3 tmusa;Trend Micro Osprey Driver; C:\Windows\system32\DRIVERS\tmusa.sys [2015-06-22 116536]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 41536]
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tmnciesc;tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [2015-05-28 416608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 Wibukey2_64;Wibukey2_64; C:\Windows\system32\drivers\wibukey2_64.sys [2006-11-09 16896]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Lotus Notes Diagnostics;Služba NSD (Lotus Notes Diagnostics); C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe [2010-08-11 3417480]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe [2010-08-11 58760]
R2 ntrtscan;OfficeScan NT RealTime Scan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [2015-12-24 5269056]
R2 OracleOraClient12Home1MTSRecoveryService;OracleOraClient12Home1MTSRecoveryService; C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe [2013-06-28 59904]
R2 PDF Architect 4 Creator;PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [2016-08-05 851168]
R2 PDF Architect 4 Manager;PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [2016-05-18 972056]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-12-03 743688]
R2 tmlisten;OfficeScan NT Listener; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [2015-12-24 5229232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
R3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [2015-03-13 63744]
R3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2017-08-16 23928]
R3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [2015-12-28 592952]
R3 tmccsf;OfficeScan Common Client Solution Framework; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [2015-12-24 728024]
R3 TmPfw;OfficeScan NT Firewall; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [2015-05-14 601360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MSSQL$CADMAN;SQL Server (CADMAN); C:\SQLEXPRESS\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-14 116224]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [2016-08-05 1038048]
S3 PDF Architect 4;PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2016-08-05 2438880]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [2015-03-13 186624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-03 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-05-24 325504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-05-24 2593664]
S4 WkSvw32.exe;WIBU-KEY Server; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [2006-11-22 577536]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Re: Slow startup, freezing

Posted: 04 Jan 2018 16:07
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA


:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]/64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64


:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Slow startup, freezing

Posted: 05 Jan 2018 07:38
by Juraj1973
Logfile of random's system information tool 1.16 (written by random/random)
Run by jhaluzova at 2018-01-05 07:37:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 349 GB (81%) free of 431 GB
Total RAM: 3920 MB (47% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:37:41, on 5. 1. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18860)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\trend micro\jhaluzova_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 1018__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Trend Micro Osprey Plugin - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll
O4 - HKLM\..\Run: [IBM Lotus Notes Preloader] "C:\Program Files (x86)\IBM\Lotus\Notes\nntspreld.exe"
O4 - HKLM\..\Run: [Power Manager Startup Utility] C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'Default user')
O4 - Global Startup: vpngui.exe.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://192.168.11.1:4343/officescan/co ... AtxEnc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = em.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = em.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = em.local
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Služba NSD (Lotus Notes Diagnostics) (Lotus Notes Diagnostics) - IBM - C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OfficeScan NT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OracleOraClient12Home1MTSRecoveryService - Oracle Corporation - C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe
O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
O23 - Service: PDF Architect 4 Manager - © pdfforge GmbH. - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
O23 - Service: OfficeScan Common Client Solution Framework (tmccsf) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11746 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe" -svcinvoke -ini "C:\ProgramData\Lotus\Notes\Data\notes.ini"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe"
C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe OracleOraClient12Home1MTSRecoveryService
"C:\Program Files\PDF Architect 4\creator-ws.exe"
"C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe"
C:\Windows\system32\svchost.exe -k regsvc
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\svchost.exe -k PeerDist
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe"
\??\C:\Windows\system32\conhost.exe "274439552-5020439861006349271-2132671434-983050804-14142641381247403597222828471
"C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\taskhost.exe
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\taskeng.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe" -HideWindow
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE"
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Lenovo\PowerMgr\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/f ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\JHALUZ~1\AppData\Local\Temp\skype-preview Crashes" --v=1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,26,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=25987FDE586D20EDB7F0E5CBF6CC47EE --mojo-platform-channel-handle=1252 /prefetch:2
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --no-sandbox --register-pepper-plugins="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\VideoRenderer.dll;application/x-slimcore-video-renderer" --primordial-pipe-token=78DF4DE3CC9A823E4D17654D2321132A --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=78DF4DE3CC9A823E4D17654D2321132A --renderer-client-id=4 --mojo-platform-channel-handle=1760 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.84 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7feeef15720,0x7feeef15760,0x7feeef15738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5344 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1100,10974862195825373887,11609354238382314518,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=68A7A121A8CB827A86079F974CBDA2A4 --mojo-platform-channel-handle=1112 --ignored=" --type=renderer " /prefetch:2
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1100,10974862195825373887,11609354238382314518,131072 --service-pipe-token=771F8E193A245AE8289797FD771E3424 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=771F8E193A245AE8289797FD771E3424 --renderer-client-id=6 --mojo-platform-channel-handle=2480 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1919720188-2406133624-971806895-21062_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1919720188-2406133624-971806895-21062 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Users\jhaluzova\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\MCP - "C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" /start
C:\Windows\system32\tasks\PMTask - C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe
C:\Windows\system32\tasks\{028B6CD3-4999-49C1-876C-70B7943F0810} - C:\Windows\system32\pcalua.exe -a "C:\Users\jhaluzova\Desktop\USB kľúč\Nový priečinok\EGM\1111\assik - instal\vpnclient-winx64-msi-5.0.07.0290-k9.exe" -d "C:\Users\jhaluzova\Desktop\USB kľúč\Nový priečinok\EGM\1111\assik - instal"
C:\Windows\system32\tasks\{ADED72D0-511E-41EA-9C24-6080D34DA8B9} - C:\Windows\system32\pcalua.exe -a E:\Oracle_client_Win7(64)\setup.exe -d E:\Oracle_client_Win7(64)
C:\Windows\system32\tasks\TVT\TVSUUpdateTask - "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" /CM -search C -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask
C:\Windows\system32\tasks\TVT\TVSUUpdateTask_UserLogOn - "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" PendingTask
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\Windows\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\Windows\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\Windows\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan

=========Google Chrome=========

C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Homepage:
default_search_provider.search_url:
C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentácie 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 0 Adblock Plus 1.13.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabuľky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6317.1002.0.5
Homepage: http://wwww.google.sk/
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
Trend Micro Osprey Plugin - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2015-06-17 453632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}]
PDF Architect 4 Helper - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-11 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
Trend Micro Osprey Plugin - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2015-06-17 338432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-11 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - PDF Architect 4 Toolbar - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05 547040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-10 11663976]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-11-08 10024624]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2017-12-10 57446848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2014-01-29 399832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2014-01-29 171992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-05-24 111488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe [2006-11-22 3768320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IBM Lotus Notes Preloader"=C:\Program Files (x86)\IBM\Lotus\Notes\nntspreld.exe [2010-08-11 20360]
"Power Manager Startup Utility"=C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [2015-03-13 27392]
"OfficeScanNT Monitor"=C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [2015-07-24 2462336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConnectHomeDirToRoot"=1
"NoDispScrSavPage"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DefaultLogonDomain"=em.local
"DisableStartupSound"=1
"LogonType"=0
"Allow-LogonScript-NetbiosDisabled"=1
"HideShutdownScripts"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoBandCustomize"=1
"NoActiveDesktop"=1
"NoDesktopCleanupWizard"=1
"NoCloseDragDropBands"=1
"ForceStartMenuLogOff"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoWelcomeScreen"=1
"NoDriveTypeAutoRun"=181
"NoAutorun"=1
"NoPublishingWizard"=1
"NoOnlinePrintsWizard"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-01-05 07:23:41 ----D---- C:\_OTM
2018-01-04 07:58:59 ----D---- C:\AdwCleaner
2018-01-04 07:28:50 ----D---- C:\Program Files\trend micro
2018-01-04 07:27:21 ----D---- C:\rsit
2017-12-13 07:25:07 ----A---- C:\Windows\system32\mshtml.dll
2017-12-13 07:25:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-12-13 07:25:06 ----A---- C:\Windows\system32\ieframe.dll
2017-12-13 07:25:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-12-13 07:25:05 ----A---- C:\Windows\system32\jscript9.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\win32k.sys
2017-12-13 07:25:04 ----A---- C:\Windows\system32\vbscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 07:25:04 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\jscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\itss.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\rtm.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\itss.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\itircl.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\wininet.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\webcheck.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\msrating.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\ieui.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\iertutil.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\tzres.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\occache.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\inseng.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\iesetup.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\iernonce.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-13 07:25:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-12-07 14:19:54 ----D---- C:\Program Files\SAMSUNG
2017-12-07 14:19:08 ----D---- C:\ProgramData\Samsung

====== List of files/folders modified in the last 1 month ======

2018-01-05 07:37:23 ----D---- C:\Windows\Temp
2018-01-05 07:35:10 ----D---- C:\Windows\Prefetch
2018-01-05 07:29:08 ----D---- C:\Windows\System32
2018-01-05 07:29:04 ----D---- C:\Windows\system32\config
2018-01-04 09:29:21 ----SHD---- C:\System Volume Information
2018-01-04 08:01:39 ----D---- C:\Windows\SysWOW64
2018-01-04 07:28:50 ----RD---- C:\Program Files
2018-01-04 07:03:13 ----A---- C:\Windows\ntbtlog.txt
2017-12-21 14:01:39 ----D---- C:\ProgramData\pdf995
2017-12-20 15:09:30 ----D---- C:\Windows\Minidump
2017-12-20 15:09:23 ----D---- C:\Windows
2017-12-18 07:52:04 ----D---- C:\Windows\inf
2017-12-18 07:52:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-14 07:54:16 ----D---- C:\Windows\rescache
2017-12-14 06:59:04 ----D---- C:\Windows\winsxs
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\Setup
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\en-US
2017-12-13 15:07:52 ----D---- C:\Program Files\Internet Explorer
2017-12-13 15:07:52 ----D---- C:\Program Files (x86)\Internet Explorer
2017-12-13 15:07:50 ----D---- C:\Windows\system32\sk-SK
2017-12-13 15:07:50 ----D---- C:\Windows\system32\Setup
2017-12-13 15:07:50 ----D---- C:\Windows\system32\en-US
2017-12-13 15:07:47 ----D---- C:\Windows\system32\drivers
2017-12-13 11:05:50 ----SHD---- C:\Windows\Installer
2017-12-13 11:05:50 ----SHD---- C:\Config.Msi
2017-12-13 11:05:49 ----D---- C:\ProgramData\Microsoft Help
2017-12-13 07:17:30 ----D---- C:\Windows\system32\catroot2
2017-12-08 07:30:35 ----D---- C:\Windows\SYSWOW64\migration
2017-12-08 07:30:35 ----D---- C:\Program Files\Windows Media Player
2017-12-08 07:30:35 ----D---- C:\Program Files (x86)\Windows Media Player
2017-12-08 07:30:26 ----D---- C:\Windows\system32\migration
2017-12-08 07:30:26 ----D---- C:\Windows\system32\drivers\en-US
2017-12-08 07:30:13 ----D---- C:\Windows\AppPatch
2017-12-08 07:30:12 ----D---- C:\Windows\system32\Boot
2017-12-08 07:30:08 ----D---- C:\Windows\system32\DriverStore
2017-12-08 07:06:11 ----D---- C:\Windows\system32\appraiser
2017-12-07 14:19:08 ----HD---- C:\ProgramData
2017-12-07 11:04:54 ----RD---- C:\Program Files (x86)
2017-12-07 11:04:54 ----D---- C:\ProgramData\Skype

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2015-12-09 324408]
R1 TmLwf;Trend Micro NDIS 6.0 Filter Driver; C:\Windows\system32\DRIVERS\tmlwf.sys [2015-06-16 157432]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2013-06-18 109080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2015-12-09 119096]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2015-12-09 78136]
R2 TmFilter;Trend Micro Filter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [2015-07-02 368392]
R2 TmPreFilter;Trend Micro PreFilter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [2015-07-02 44808]
R2 tmWfp;Trend Micro WFP Callout Driver; C:\Windows\system32\DRIVERS\tmwfp.sys [2015-06-16 290296]
R2 VSApiNt;Trend Micro VSAPI NT; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2015-07-02 2384136]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2006-11-22 107008]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-11 2676328]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-22 56600]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-27 40248]
R3 tmeevw;tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [2015-06-08 116576]
R3 tmusa;Trend Micro Osprey Driver; C:\Windows\system32\DRIVERS\tmusa.sys [2015-06-22 116536]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 41536]
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tmnciesc;tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [2015-05-28 416608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 Wibukey2_64;Wibukey2_64; C:\Windows\system32\drivers\wibukey2_64.sys [2006-11-09 16896]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Lotus Notes Diagnostics;Služba NSD (Lotus Notes Diagnostics); C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe [2010-08-11 3417480]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe [2010-08-11 58760]
R2 ntrtscan;OfficeScan NT RealTime Scan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [2015-12-24 5269056]
R2 OracleOraClient12Home1MTSRecoveryService;OracleOraClient12Home1MTSRecoveryService; C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe [2013-06-28 59904]
R2 PDF Architect 4 Creator;PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [2016-08-05 851168]
R2 PDF Architect 4 Manager;PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [2016-05-18 972056]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-12-03 743688]
R2 tmlisten;OfficeScan NT Listener; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [2015-12-24 5229232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
R3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
R3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [2015-03-13 63744]
R3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2017-08-16 23928]
R3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [2015-12-28 592952]
R3 tmccsf;OfficeScan Common Client Solution Framework; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [2015-12-24 728024]
R3 TmPfw;OfficeScan NT Firewall; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [2015-05-14 601360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MSSQL$CADMAN;SQL Server (CADMAN); C:\SQLEXPRESS\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-14 116224]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [2016-08-05 1038048]
S3 PDF Architect 4;PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2016-08-05 2438880]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [2015-03-13 186624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-03 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-05-24 325504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-05-24 2593664]
S4 WkSvw32.exe;WIBU-KEY Server; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [2006-11-22 577536]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Re: Slow startup, freezes

Posted: 05 Jan 2018 07:40
by Juraj1973
It restarted by itself, but then the program was still doing something during PC startup, so I don't know whether I should have restarted it once more.

Re: Slow startup, freezes

Posted: 05 Jan 2018 07:51
by Juraj1973
To be safe, I'm also adding the one from after the second restart:

Logfile of random's system information tool 1.16 (written by random/random)
Run by jhaluzova at 2018-01-05 07:51:01
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 349 GB (81%) free of 431 GB
Total RAM: 3920 MB (47% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:51:05, on 5. 1. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18860)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\trend micro\jhaluzova_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 1018__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Trend Micro Osprey Plugin - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll
O4 - HKLM\..\Run: [IBM Lotus Notes Preloader] "C:\Program Files (x86)\IBM\Lotus\Notes\nntspreld.exe"
O4 - HKLM\..\Run: [Power Manager Startup Utility] C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (User 'Default user')
O4 - Global Startup: vpngui.exe.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://192.168.11.1:4343/officescan/co ... AtxEnc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = em.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = em.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = em.local
O18 - Protocol: tmop - {69FD7CE3-4604-4FE6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Služba NSD (Lotus Notes Diagnostics) (Lotus Notes Diagnostics) - IBM - C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OfficeScan NT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OracleOraClient12Home1MTSRecoveryService - Oracle Corporation - C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe
O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
O23 - Service: PDF Architect 4 Manager - © pdfforge GmbH. - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
O23 - Service: OfficeScan Common Client Solution Framework (tmccsf) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11746 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe" -svcinvoke -ini "C:\ProgramData\Lotus\Notes\Data\notes.ini"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe"
C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe OracleOraClient12Home1MTSRecoveryService
"C:\Program Files\PDF Architect 4\creator-ws.exe"
"C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe"
C:\Windows\system32\svchost.exe -k regsvc
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\svchost.exe -k PeerDist
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe"
\??\C:\Windows\system32\conhost.exe "19881708091700946883-2135938938-830517141-970010677-12628348581720774760-26764596
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe"
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Windows\system32\wuauclt.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe" -HideWindow
"C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/f ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\JHALUZ~1\AppData\Local\Temp\skype-preview Crashes" --v=1
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Lenovo\PowerMgr\PWMTR64V.dll",PwrMgrBkGndMonitor
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,26,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=7B39B54C2146A24206FBA71F83E1E9AE --mojo-platform-channel-handle=1324 /prefetch:2
"C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --no-sandbox --register-pepper-plugins="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\VideoRenderer.dll;application/x-slimcore-video-renderer" --primordial-pipe-token=1C5BF69B5E7BBC4998FCFEAA0B1F7948 --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=1C5BF69B5E7BBC4998FCFEAA0B1F7948 --renderer-client-id=4 --mojo-platform-channel-handle=1756 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.84 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7feee685720,0x7feee685760,0x7feee685738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5432 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1148,6789311569655607847,12740924950877189906,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=00EEB3A4266EC2019EC3C616EAF121DB --mojo-platform-channel-handle=1164 --ignored=" --type=renderer " /prefetch:2
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1148,6789311569655607847,12740924950877189906,131072 --service-pipe-token=17561DA887BA4C3A3C0EE24AD0B5E66A --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=17561DA887BA4C3A3C0EE24AD0B5E66A --renderer-client-id=7 --mojo-platform-channel-handle=2636 /prefetch:1
"C:\Users\jhaluzova\Desktop\RSITx64.exe"

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\MCP - "C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" /start
C:\Windows\system32\tasks\PMTask - C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe
C:\Windows\system32\tasks\{028B6CD3-4999-49C1-876C-70B7943F0810} - C:\Windows\system32\pcalua.exe -a "C:\Users\jhaluzova\Desktop\USB kľúč\Nový priečinok\EGM\1111\assik - instal\vpnclient-winx64-msi-5.0.07.0290-k9.exe" -d "C:\Users\jhaluzova\Desktop\USB kľúč\Nový priečinok\EGM\1111\assik - instal"
C:\Windows\system32\tasks\{ADED72D0-511E-41EA-9C24-6080D34DA8B9} - C:\Windows\system32\pcalua.exe -a E:\Oracle_client_Win7(64)\setup.exe -d E:\Oracle_client_Win7(64)
C:\Windows\system32\tasks\TVT\TVSUUpdateTask - "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" /CM -search C -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate -schtask
C:\Windows\system32\tasks\TVT\TVSUUpdateTask_UserLogOn - "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" PendingTask
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\Windows\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\Windows\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\Windows\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan

=========Google Chrome=========

C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Homepage:
default_search_provider.search_url:
C:\Users\jhaluzova\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentácie 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 0 Adblock Plus 1.13.4
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabuľky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6317.1002.0.5
Homepage: http://wwww.google.sk/
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={4BBBFBC1-FD87-4D24-9A9E-E050EBD3DA88}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
Trend Micro Osprey Plugin - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2015-06-17 453632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}]
PDF Architect 4 Helper - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-11 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
Trend Micro Osprey Plugin - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2015-06-17 338432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-11 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - PDF Architect 4 Toolbar - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05 547040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-10 11663976]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-11-08 10024624]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2017-12-10 57446848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2014-01-29 399832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2014-01-29 171992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-05-24 111488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [2006-09-20 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe [2006-11-22 3768320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IBM Lotus Notes Preloader"=C:\Program Files (x86)\IBM\Lotus\Notes\nntspreld.exe [2010-08-11 20360]
"Power Manager Startup Utility"=C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [2015-03-13 27392]
"OfficeScanNT Monitor"=C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [2015-07-24 2462336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConnectHomeDirToRoot"=1
"NoDispScrSavPage"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DefaultLogonDomain"=em.local
"DisableStartupSound"=1
"LogonType"=0
"Allow-LogonScript-NetbiosDisabled"=1
"HideShutdownScripts"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoBandCustomize"=1
"NoActiveDesktop"=1
"NoDesktopCleanupWizard"=1
"NoCloseDragDropBands"=1
"ForceStartMenuLogOff"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoWelcomeScreen"=1
"NoDriveTypeAutoRun"=181
"NoAutorun"=1
"NoPublishingWizard"=1
"NoOnlinePrintsWizard"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-01-05 07:23:41 ----D---- C:\_OTM
2018-01-04 07:58:59 ----D---- C:\AdwCleaner
2018-01-04 07:28:50 ----D---- C:\Program Files\trend micro
2018-01-04 07:27:21 ----D---- C:\rsit
2017-12-13 07:25:07 ----A---- C:\Windows\system32\mshtml.dll
2017-12-13 07:25:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-12-13 07:25:06 ----A---- C:\Windows\system32\ieframe.dll
2017-12-13 07:25:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-12-13 07:25:05 ----A---- C:\Windows\system32\jscript9.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-12-13 07:25:04 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\win32k.sys
2017-12-13 07:25:04 ----A---- C:\Windows\system32\vbscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 07:25:04 ----A---- C:\Windows\system32\mprdim.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\jscript.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\itss.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\iprtrmgr.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\gpedit.dll
2017-12-13 07:25:04 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\rtm.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\itss.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\itircl.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-12-13 07:25:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\wininet.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\webcheck.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\rtm.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\msrating.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\itircl.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\iprtprio.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\ieui.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\iertutil.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-13 07:25:03 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-12-13 07:25:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\tzres.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\occache.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\inseng.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\iesetup.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\iernonce.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-13 07:25:02 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-13 07:25:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-12-07 14:19:54 ----D---- C:\Program Files\SAMSUNG
2017-12-07 14:19:08 ----D---- C:\ProgramData\Samsung

====== List of files/folders modified in the last 1 month ======

2018-01-05 07:51:04 ----D---- C:\Windows\Temp
2018-01-05 07:46:20 ----D---- C:\Windows\Prefetch
2018-01-05 07:44:40 ----D---- C:\Windows\System32
2018-01-05 07:42:48 ----D---- C:\Windows\system32\config
2018-01-04 09:29:21 ----SHD---- C:\System Volume Information
2018-01-04 08:01:39 ----D---- C:\Windows\SysWOW64
2018-01-04 07:28:50 ----RD---- C:\Program Files
2018-01-04 07:03:13 ----A---- C:\Windows\ntbtlog.txt
2017-12-21 14:01:39 ----D---- C:\ProgramData\pdf995
2017-12-20 15:09:30 ----D---- C:\Windows\Minidump
2017-12-20 15:09:23 ----D---- C:\Windows
2017-12-18 07:52:04 ----D---- C:\Windows\inf
2017-12-18 07:52:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-14 07:54:16 ----D---- C:\Windows\rescache
2017-12-14 06:59:04 ----D---- C:\Windows\winsxs
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\Setup
2017-12-13 15:07:52 ----D---- C:\Windows\SYSWOW64\en-US
2017-12-13 15:07:52 ----D---- C:\Program Files\Internet Explorer
2017-12-13 15:07:52 ----D---- C:\Program Files (x86)\Internet Explorer
2017-12-13 15:07:50 ----D---- C:\Windows\system32\sk-SK
2017-12-13 15:07:50 ----D---- C:\Windows\system32\Setup
2017-12-13 15:07:50 ----D---- C:\Windows\system32\en-US
2017-12-13 15:07:47 ----D---- C:\Windows\system32\drivers
2017-12-13 11:05:50 ----SHD---- C:\Windows\Installer
2017-12-13 11:05:50 ----SHD---- C:\Config.Msi
2017-12-13 11:05:49 ----D---- C:\ProgramData\Microsoft Help
2017-12-13 07:17:30 ----D---- C:\Windows\system32\catroot2
2017-12-08 07:30:35 ----D---- C:\Windows\SYSWOW64\migration
2017-12-08 07:30:35 ----D---- C:\Program Files\Windows Media Player
2017-12-08 07:30:35 ----D---- C:\Program Files (x86)\Windows Media Player
2017-12-08 07:30:26 ----D---- C:\Windows\system32\migration
2017-12-08 07:30:26 ----D---- C:\Windows\system32\drivers\en-US
2017-12-08 07:30:13 ----D---- C:\Windows\AppPatch
2017-12-08 07:30:12 ----D---- C:\Windows\system32\Boot
2017-12-08 07:30:08 ----D---- C:\Windows\system32\DriverStore
2017-12-08 07:06:11 ----D---- C:\Windows\system32\appraiser
2017-12-07 14:19:08 ----HD---- C:\ProgramData
2017-12-07 11:04:54 ----RD---- C:\Program Files (x86)
2017-12-07 11:04:54 ----D---- C:\ProgramData\Skype

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2015-12-09 324408]
R1 TmLwf;Trend Micro NDIS 6.0 Filter Driver; C:\Windows\system32\DRIVERS\tmlwf.sys [2015-06-16 157432]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2013-06-18 109080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2015-12-09 119096]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2015-12-09 78136]
R2 TmFilter;Trend Micro Filter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [2015-07-02 368392]
R2 TmPreFilter;Trend Micro PreFilter; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [2015-07-02 44808]
R2 tmWfp;Trend Micro WFP Callout Driver; C:\Windows\system32\DRIVERS\tmwfp.sys [2015-06-16 290296]
R2 VSApiNt;Trend Micro VSAPI NT; \??\C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2015-07-02 2384136]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys [2006-11-22 107008]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-11 2676328]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-22 56600]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2011-12-27 40248]
R3 tmeevw;tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [2015-06-08 116576]
R3 tmusa;Trend Micro Osprey Driver; C:\Windows\system32\DRIVERS\tmusa.sys [2015-06-22 116536]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 41536]
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tmnciesc;tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [2015-05-28 416608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 Wibukey2_64;Wibukey2_64; C:\Windows\system32\drivers\wibukey2_64.sys [2006-11-09 16896]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Lotus Notes Diagnostics;Služba NSD (Lotus Notes Diagnostics); C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe [2010-08-11 3417480]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe [2010-08-11 58760]
R2 ntrtscan;OfficeScan NT RealTime Scan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [2015-12-24 5269056]
R2 OracleOraClient12Home1MTSRecoveryService;OracleOraClient12Home1MTSRecoveryService; C:\app\jhaluzova\product\12.1.0\client_1\bin\omtsreco.exe [2013-06-28 59904]
R2 PDF Architect 4 Creator;PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [2016-08-05 851168]
R2 PDF Architect 4 Manager;PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [2016-05-18 972056]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-12-03 743688]
R2 tmlisten;OfficeScan NT Listener; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [2015-12-24 5229232]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
R3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
R3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE [2015-03-13 63744]
R3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2017-08-16 23928]
R3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [2015-12-28 592952]
R3 tmccsf;OfficeScan Common Client Solution Framework; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [2015-12-24 728024]
R3 TmPfw;OfficeScan NT Firewall; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPfw.exe [2015-05-14 601360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MSSQL$CADMAN;SQL Server (CADMAN); C:\SQLEXPRESS\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-11-14 116224]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [2016-08-05 1038048]
S3 PDF Architect 4;PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2016-08-05 2438880]
S3 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE [2015-03-13 186624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-03 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-05-24 325504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-05-24 2593664]
S4 WkSvw32.exe;WIBU-KEY Server; C:\Program Files (x86)\WIBUKEY\Server\WkSvw32.exe [2006-11-22 577536]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Re: Slow startup, freezes

Posted: 05 Jan 2018 13:36
by Rudy
OK. Has there been any change for the better?

Re: Slow startup, freezes

Posted: 05 Jan 2018 14:39
by Juraj1973
The overall "behaviour" of the PC has definitely improved. It has not happened again that it failed to start at all. It still takes quite a long time to boot for my taste, but then it surely has a fair bit "behind it" already, and it is no longer the eternity it was before.

Thank you very much!!

Re: Slow startup, freezes

Posted: 05 Jan 2018 15:17
by Rudy
You're welcome. Also try defragmenting the disk.