Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

procesor 100%

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
kurtkombajn
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 11 kvě 2016 01:14

procesor 100%

#1 Příspěvek od kurtkombajn »

Logfile of random's system information tool 1.16 (written by random/random)
Run by Simona at 2018-05-01 09:27:43
Microsoft Windows 10 Home
System drive C: has 230 GB (49%) free of 467 GB
Total RAM: 3978 MB (28% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:27:54, on 01.05.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE
C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE
C:\ProgramData\DELL\drivers\20a7ae60-d849-48b2-8c58-8407edb2184f\Synaptics_v19_2_17_64__C__x86-x64__Win7_Win8_Win81_Win10__Signed__MUP__DellWPF.exe
C:\Program Files\trend micro\Simona_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [WAHELPER.EXE] "C:\Program Files\WinArchiver\WAHELPER.EXE"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [BingSvc] C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Simona\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [Spotify] C:\Users\Simona\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Simona\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves System Service (WavesSysSvc) - Unknown owner - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WinArchiver Service - Unknown owner - C:\Program Files\WinArchiver\WAService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12736 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Program Files\WinArchiver\WAService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e79d0f9a-999d-43f3-80f5-ef81f5cc929c -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c4cea15c-4e02-4a92-a265-2be16ff1fb13 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-37cacb86-13ee-4089-ac1b-4ecce94d7b8f -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-41dca4df-311b-4e78-b624-ab3abe9fad3a -LifetimeId:850150e1-589b-4d0a-9ff6-b4186860c816 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SensrSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe"
"C:\Program Files (x86)\Dell Customer Connect\DCCService.exe"
"C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Dell Update\DellUpService.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Dell Update\DellUpTray.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SEMgrSvc
"C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE" C:\Users\Simona
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Simona\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Simona\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.139 --initial-client-data=0x1d0,0x1d4,0x1d8,0x1cc,0x1dc,0x7fff738f3218,0x7fff738f3228,0x7fff738f3238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7020 --on-initialized-event-handle=652 --parent-handle=656 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=933CEB4E21A14DF44F8E13508C80FD07 --mojo-platform-channel-handle=1396 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=6827DF113FD07B780BE3600EDB820647 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=6827DF113FD07B780BE3600EDB820647 --renderer-client-id=3 --mojo-platform-channel-handle=2428 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=3D6911D75B5D03E562FD4259B5C14FD8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=3D6911D75B5D03E562FD4259B5C14FD8 --renderer-client-id=4 --mojo-platform-channel-handle=2464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=82FDA7DC221937EA32374784EAB24D59 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=82FDA7DC221937EA32374784EAB24D59 --renderer-client-id=7 --mojo-platform-channel-handle=3328 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=90C2CEF33DFE4947B47C81DF31C52FC7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=90C2CEF33DFE4947B47C81DF31C52FC7 --renderer-client-id=14 --mojo-platform-channel-handle=6300 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=D6EBE0672DE94C5F60402A91D9B209AB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D6EBE0672DE94C5F60402A91D9B209AB --renderer-client-id=12 --mojo-platform-channel-handle=6312 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=E7D8EC6E9B2542F1E39819EE0E732F29 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=E7D8EC6E9B2542F1E39819EE0E732F29 --renderer-client-id=15 --mojo-platform-channel-handle=6404 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=13681680F82C3690CCD845447071A1D1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=13681680F82C3690CCD845447071A1D1 --renderer-client-id=13 --mojo-platform-channel-handle=4736 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=2EF63C7AA53810B3CD925E0CCA157751 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=2EF63C7AA53810B3CD925E0CCA157751 --renderer-client-id=11 --mojo-platform-channel-handle=7564 /prefetch:1
"C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=A553DAB4235877BCED33F713F50D3636 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=A553DAB4235877BCED33F713F50D3636 --renderer-client-id=6 --mojo-platform-channel-handle=8216 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=FC8F2EE88CD2F125ACA7E55921BA2A6D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=FC8F2EE88CD2F125ACA7E55921BA2A6D --renderer-client-id=19 --mojo-platform-channel-handle=7768 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=B63C7EADB5469321C26F343F883F73C6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=B63C7EADB5469321C26F343F883F73C6 --renderer-client-id=17 --mojo-platform-channel-handle=6868 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=88DA20BF5054B2103786F33352EF3A28 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=88DA20BF5054B2103786F33352EF3A28 --renderer-client-id=16 --mojo-platform-channel-handle=9948 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=C391A525CC93BE2F42C2440A64EDC5F8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=C391A525CC93BE2F42C2440A64EDC5F8 --renderer-client-id=10 --mojo-platform-channel-handle=9900 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=CFF0EB1A6D675971428FBCF5DEECAF4F --mojo-platform-channel-handle=10244 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=5281E41F198B71590E9AE289F0F077E8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=5281E41F198B71590E9AE289F0F077E8 --renderer-client-id=20 --mojo-platform-channel-handle=10572 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=D3F54C166ED28B159D74CFF5DFA033F2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D3F54C166ED28B159D74CFF5DFA033F2 --renderer-client-id=26 --mojo-platform-channel-handle=10500 /prefetch:1
"C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE"
"C:\ProgramData\DELL\drivers\20a7ae60-d849-48b2-8c58-8407edb2184f\Synaptics_v19_2_17_64__C__x86-x64__Win7_Win8_Win81_Win10__Signed__MUP__DellWPF.exe" /E /v"LOGFILE=C:\ProgramData\dell\drivers\20a7ae60-d849-48b2-8c58-8407edb2184f\DUPLogDir\DUP9E85.tmp"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=F2B4C02E9EE71345378D816D2D14B23C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=F2B4C02E9EE71345378D816D2D14B23C --renderer-client-id=28 --mojo-platform-channel-handle=9404 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=B50BCB5A3A6CB79FAEFF870CF5D079A9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=B50BCB5A3A6CB79FAEFF870CF5D079A9 --renderer-client-id=29 --mojo-platform-channel-handle=8904 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=7127AF014FCCA010B1777B295C356081 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=7127AF014FCCA010B1777B295C356081 --renderer-client-id=35 --mojo-platform-channel-handle=11420 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=C7313CDD7EF7F4C38F86B22FFFE13482 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=C7313CDD7EF7F4C38F86B22FFFE13482 --renderer-client-id=38 --mojo-platform-channel-handle=12124 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Simona\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\simplitec Power Suite (Tray).job - C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\WINDOWS\tasks\simplitec Power Suite.job - C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe -task
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeGCInvoker-1.0-MicrosoftAccount-kozlovasimona@hotmail.com - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
C:\WINDOWS\system32\tasks\Dell SupportAssistAgent AutoUpdate - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe AutoUpdate
C:\WINDOWS\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-1845321611-535337565-3413128556-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\PCDDataUploadTask - "uaclauncher.exe" -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait
C:\WINDOWS\system32\tasks\RtHDVBg_PushButton - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\WINDOWS\system32\tasks\simplitec Power Suite - C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe -task
C:\WINDOWS\system32\tasks\simplitec Power Suite (Tray) - C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\tasks\SystemToolsDailyTest - "uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{E9D29D4A-7331-4EDF-A4DF-21C3CAF14F69} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{3D51994C-471B-444D-8D27-9079CBF81F6D} - C:\Windows\system32\pcalua.exe -a E:\Sims2SP2_Uninst.exe -d E:\
C:\WINDOWS\system32\tasks\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B} - C:\Windows\system32\pcalua.exe -a E:\eauninstall.exe -d E:\
C:\WINDOWS\system32\tasks\{8DC1705F-89CF-44C7-91C0-0D181D43FF35} - C:\Windows\system32\pcalua.exe -a C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction\TS2Sampler_Install.exe -d C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WaaSMedic\PerformRemediation - %systemroot%\System32\WaaSMedic.exe None
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload
C:\WINDOWS\system32\tasks\Dell\Dell Product Registration - C:\Program Files (x86)\Dell Product Registration\prodreg.exe /boot /LSRC=autolaunch
C:\WINDOWS\system32\tasks\Dell\Dell Product Registration Update - C:\Program Files (x86)\Dell Product Registration\prodreg.exe /updatecheck /LSRC=autolaunch

=========Google Chrome=========

C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cjpalhdlnbpafiamejdnhcphjbkeiagm 1 uBlock Origin 1.16.2
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 1.0.0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 1 Skype 10.2.0.9950
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0E2CF617-77F6-49DC-BC37-0EEBAC3740B9}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0E2CF617-77F6-49DC-BC37-0EEBAC3740B9}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCJB


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0E2CF617-77F6-49DC-BC37-0EEBAC3740B9}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0E2CF617-77F6-49DC-BC37-0EEBAC3740B9}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCJB

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25 1056992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-25 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files (x86)\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 1743664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25 1056992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-08-04 8512760]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-04 1411320]
"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2014-02-27 3775816]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05 315880]
"MouseDriver"=TiltWheelMouse.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"OneDrive"=C:\Users\Simona\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-03-20 1559200]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2018-03-27 1462184]
"Spotify"=C:\Users\Simona\AppData\Roaming\Spotify\Spotify.exe [2018-04-10 22454160]
"Spotify Web Helper"=C:\Users\Simona\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-04-10 782736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DropboxOEM"=C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-02 462160]
"WAHELPER.EXE"=C:\Program Files\WinArchiver\WAHELPER.EXE [2015-08-16 504632]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-03-27 2404952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-05-01 09:27:43 ----D---- C:\rsit
2018-05-01 09:27:43 ----D---- C:\Program Files\trend micro
2018-05-01 09:06:12 ----D---- C:\ProgramData\F-Secure
2018-05-01 08:22:01 ----D---- C:\WINDOWS\LastGood.Tmp
2018-04-30 22:35:19 ----D---- C:\Program Files\VS Revo Group
2018-04-30 22:10:05 ----D---- C:\AdwCleaner
2018-04-06 19:15:07 ----D---- C:\Program Files (x86)\Dell Update
2018-04-04 18:31:29 ----D---- C:\found.000

====== List of files/folders modified in the last 1 month ======

2018-05-01 09:27:43 ----RD---- C:\Program Files
2018-05-01 09:27:27 ----D---- C:\WINDOWS\Prefetch
2018-05-01 09:16:30 ----D---- C:\WINDOWS\system32\drivers
2018-05-01 09:14:58 ----D---- C:\WINDOWS\Temp
2018-05-01 09:07:09 ----D---- C:\WINDOWS\system32\catroot2
2018-05-01 09:06:12 ----HD---- C:\ProgramData
2018-05-01 08:59:37 ----D---- C:\Users\Simona\AppData\Roaming\Skype
2018-05-01 08:58:39 ----AD---- C:\Program Files (x86)\Dell Backup and Recovery
2018-05-01 08:45:55 ----D---- C:\WINDOWS\DeliveryOptimization
2018-05-01 08:40:58 ----D---- C:\WINDOWS\System32
2018-05-01 08:40:34 ----D---- C:\Windows
2018-05-01 08:39:21 ----D---- C:\WINDOWS\system32\sru
2018-05-01 08:22:06 ----D---- C:\WINDOWS\SysWOW64
2018-05-01 08:21:56 ----D---- C:\WINDOWS\INF
2018-05-01 08:21:48 ----D---- C:\WINDOWS\system32\DriverStore
2018-05-01 08:18:53 ----D---- C:\WINDOWS\system32\Tasks
2018-04-30 22:49:54 ----SHD---- C:\System Volume Information
2018-04-30 22:43:42 ----RD---- C:\Program Files (x86)
2018-04-30 22:22:17 ----D---- C:\WINDOWS\system32\config
2018-04-30 22:14:06 ----D---- C:\WINDOWS\WinSxS
2018-04-30 22:13:40 ----D---- C:\WINDOWS\Logs
2018-04-30 16:45:54 ----RD---- C:\WINDOWS\Microsoft.NET
2018-04-30 16:34:44 ----D---- C:\ProgramData\PCDr
2018-04-30 16:30:32 ----D---- C:\Users\Simona\AppData\Roaming\Spotify
2018-04-30 16:26:32 ----HD---- C:\Program Files\WindowsApps
2018-04-30 16:26:30 ----D---- C:\WINDOWS\AppReadiness
2018-04-30 06:46:44 ----D---- C:\WINDOWS\system32\SleepStudy
2018-04-30 06:34:14 ----D---- C:\WINDOWS\system32\LogFiles
2018-04-29 12:39:49 ----D---- C:\WINDOWS\system32\drivers\wd
2018-04-29 12:25:03 ----SHD---- C:\WINDOWS\Installer
2018-04-29 12:25:01 ----SHD---- C:\Config.Msi
2018-04-29 12:25:01 ----D---- C:\ProgramData\Skype
2018-04-29 12:24:36 ----RD---- C:\Program Files (x86)\Skype
2018-04-29 12:24:34 ----D---- C:\Program Files (x86)\Common Files
2018-04-23 20:14:55 ----D---- C:\WINDOWS\Minidump
2018-04-23 18:45:20 ----D---- C:\WINDOWS\CbsTemp
2018-04-23 16:23:48 ----D---- C:\WINDOWS\LiveKernelReports
2018-04-11 20:58:57 ----D---- C:\Program Files (x86)\McAfee
2018-04-11 20:58:50 ----D---- C:\Program Files\TrueKey
2018-04-10 21:21:55 ----D---- C:\WINDOWS\system32\MRT
2018-04-10 21:12:45 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-10 21:12:34 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-04-09 19:13:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-06 20:33:09 ----D---- C:\ProgramData\Package Cache
2018-04-06 20:32:54 ----AD---- C:\Program Files (x86)\Garmin
2018-04-06 20:32:33 ----D---- C:\ProgramData\Garmin
2018-04-06 19:39:20 ----D---- C:\ProgramData\Microsoft Help
2018-04-06 19:33:48 ----A---- C:\WINDOWS\win.ini
2018-04-06 19:33:03 ----RSD---- C:\WINDOWS\assembly
2018-04-06 19:10:46 ----D---- C:\WINDOWS\system32\NDF
2018-04-03 21:37:46 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 BTATH_BUS;@oem154.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\WINDOWS\system32\DRIVERS\stdcfltn.sys [2012-07-14 22168]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 MpKsl6d78e5e5;MpKsl6d78e5e5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B5C756A-E700-414A-81BB-860AA3EC348D}\MpKsl6d78e5e5.sys [2018-05-01 58120]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-01-01 385024]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2017-09-29 4233728]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-14 610336]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2017-09-29 105472]
R3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 DDDriver;DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [2017-12-14 41608]
R3 DellProf;DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [2017-12-14 41208]
R3 DellRbtn;@oem96.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2013-01-25 10752]
R3 dtlitescsibus;@oem141.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-05 30264]
R3 iaioi2c;@oem69.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 iwdbus;@oem162.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 SensorsHIDClassDriver;@SensorsHidClassDriver.inf,%WudfSensorsHIDClassDriverDisplayName%;UMDF Reflector service for Sensors HID Class Driver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-09-29 259584]
R3 ST_Accel;@oem15.inf,%ST_Accel.SVCDESC%;STMicroelectronics Accelerometer Service; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [2013-11-21 83968]
R3 SynRMIHID;@oem174.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [2017-12-19 66104]
R3 SynTP;@oem175.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2017-12-19 683064]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-11-19 1015296]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2017-09-29 28160]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys []
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-01-01 192512]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-09-29 1849752]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 RSUSBSTOR;@oem153.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-03-14 771672]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-01-05 2319848]
R2 CDPUserSvc_330e0c;Uživatelská služba platformy připojených zařízení_330e0c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DDVCollectorSvcApi;Dell Data Vault Service API; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2017-12-14 208792]
R2 DDVRulesProcessor;Dell Data Vault Processor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2017-12-14 217488]
R2 Dell Customer Connect;Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [2016-12-21 130936]
R2 DellDigitalDelivery;Dell Digital Delivery Service; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-03-16 237448]
R2 DellUpdate;Dell Update Service; C:\Program Files (x86)\Dell Update\DellUpService.exe [2018-03-27 237016]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2018-03-27 1175056]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-04 337888]
R2 OneSyncSvc_330e0c;Hostitel synchronizace_330e0c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-01-01 519152]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2016-01-04 2065808]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2018-02-14 41432]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-12-19 265784]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-19 43648]
R3 PimIndexMaintenanceSvc_330e0c;Data kontaktů_330e0c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 DDVDataCollector;Dell Data Vault Collector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2017-12-14 3294608]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
S3 DellProdRegManager;Dell Product Registration Manager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [2014-10-31 278568]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_330e0c;Tok zařízení_330e0c; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_330e0c;Služba zasílání zpráv_330e0c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_330e0c;PrintWorkflow_330e0c; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: procesor 100%

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

kurtkombajn
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 11 kvě 2016 01:14

Re: procesor 100%

#3 Příspěvek od kurtkombajn »

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-04-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-01-2018
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: procesor 100%

#4 Příspěvek od Rudy »

Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

kurtkombajn
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 11 kvě 2016 01:14

Re: procesor 100%

#5 Příspěvek od kurtkombajn »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2018
Ran by Simona (administrator) on ANOMIS (01-05-2018 18:40:40)
Running from C:\Users\Simona\Desktop
Loaded Profiles: Simona (Available Profiles: Simona)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\WinArchiver\WAService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(forum.viry.cz) C:\Users\Simona\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [WAHELPER.EXE] => C:\Program Files\WinArchiver\WAHELPER.EXE [504632 2015-08-16] (Power Software Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [BingSvc] => C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [Spotify] => C:\Users\Simona\AppData\Roaming\Spotify\Spotify.exe [22454160 2018-04-10] (Spotify Ltd)
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [Spotify Web Helper] => C:\Users\Simona\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-04-10] (Spotify Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{ec5c62b1-0bb3-4914-ae67-eb1ab29d8137}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-1845321611-535337565-3413128556-1001 -> DefaultScope {0E2CF617-77F6-49DC-BC37-0EEBAC3740B9} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-25] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)

FireFox:
========
FF DefaultProfile: 8lshsdyd.default
FF ProfilePath: C:\Users\Simona\AppData\Roaming\Mozilla\Firefox\Profiles\8lshsdyd.default [2017-04-30]
FF Homepage: Mozilla\Firefox\Profiles\8lshsdyd.default -> hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Extension: (Autofill Forms) - C:\Users\Simona\AppData\Roaming\Mozilla\Firefox\Profiles\8lshsdyd.default\Extensions\autofillForms@blueimp.net.xpi [2015-12-11] [Legacy]
FF Extension: (Bing Search) - C:\Users\Simona\AppData\Roaming\Mozilla\Firefox\Profiles\8lshsdyd.default\Extensions\bingsearch.full@microsoft.com [2018-04-30] [Legacy] [not signed]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default [2018-05-01]
CHR Extension: (Prezentace) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (uBlock Origin) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-04-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Bing) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-05-01]
CHR Extension: (Tabulky) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Skype) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-30]
CHR HKU\S-1-5-21-1845321611-535337565-3413128556-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1175056 2018-03-27] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2018-03-29] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-03-29] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-03-29] (McAfee, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-29] (Microsoft Corporation)
R2 WinArchiver Service; C:\Program Files\WinArchiver\WAService.exe [257336 2015-08-16] ()
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-29] (Microsoft Corporation)
S2 WavesSysSvc; "C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-10-05] (Disc Soft Ltd)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-04-01] (Intel Corporation)
R0 waemu; C:\WINDOWS\System32\Drivers\waemu.sys [142096 2015-08-16] (Power Software Ltd)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-04-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-04-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-29] (Microsoft Corporation)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-01 18:40 - 2018-05-01 18:42 - 000020646 _____ C:\Users\Simona\Desktop\FRST.txt
2018-05-01 18:36 - 2018-05-01 18:36 - 000112640 _____ (forum.viry.cz) C:\Users\Simona\Desktop\FRSTLauncher.exe
2018-05-01 18:26 - 2018-05-01 18:26 - 000112640 _____ (forum.viry.cz) C:\Users\Simona\Downloads\Nepotvrzeno 792067.crdownload
2018-05-01 18:22 - 2018-05-01 18:40 - 000000000 ____D C:\FRST
2018-05-01 18:20 - 2018-05-01 18:20 - 002405888 _____ (Farbar) C:\Users\Simona\Desktop\FRST64.exe
2018-05-01 12:35 - 2018-05-01 12:39 - 000799572 _____ C:\WINDOWS\Minidump\050118-39453-01.dmp
2018-05-01 12:35 - 2018-05-01 12:35 - 464191364 _____ C:\WINDOWS\MEMORY.DMP
2018-05-01 09:27 - 2018-05-01 09:28 - 000000000 ____D C:\rsit
2018-05-01 09:27 - 2018-05-01 09:27 - 000000000 ____D C:\Program Files\trend micro
2018-05-01 09:26 - 2018-05-01 09:26 - 001329152 _____ C:\Users\Simona\Downloads\RSITx64.exe
2018-05-01 09:06 - 2018-05-01 12:35 - 000000000 ____D C:\Users\Simona\AppData\Local\FSDART
2018-05-01 09:06 - 2018-05-01 09:16 - 000000000 ____D C:\ProgramData\F-Secure
2018-05-01 09:06 - 2018-05-01 09:06 - 000524248 _____ (F-Secure Corporation) C:\Users\Simona\Downloads\F-SecureOnlineScanner.exe
2018-05-01 09:06 - 2018-05-01 09:06 - 000000000 ____D C:\Users\Simona\AppData\Local\F-Secure
2018-05-01 08:36 - 2018-05-01 08:37 - 063942432 _____ (Dell Inc.) C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE
2018-05-01 08:35 - 2018-05-01 08:36 - 023352576 _____ (Igor Pavlov) C:\Users\Simona\Downloads\3147A12.exe
2018-05-01 08:34 - 2018-05-01 08:34 - 002219736 _____ (Dell Inc) C:\Users\Simona\Downloads\aulauncher.exe
2018-05-01 08:22 - 2018-05-01 08:22 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-04-30 22:49 - 2018-04-30 22:49 - 001790024 _____ (Malwarebytes) C:\Users\Simona\Downloads\JRT.exe
2018-04-30 22:48 - 2018-04-30 22:49 - 005659794 _____ (Swearware) C:\Users\Simona\Downloads\ComboFix.exe
2018-04-30 22:35 - 2018-04-30 22:35 - 000001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-04-30 22:35 - 2018-04-30 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-04-30 22:35 - 2018-04-30 22:35 - 000000000 ____D C:\Program Files\VS Revo Group
2018-04-30 22:34 - 2018-04-30 22:34 - 007197480 _____ (VS Revo Group ) C:\Users\Simona\Downloads\revosetup.exe
2018-04-30 22:33 - 2018-04-30 22:33 - 074520496 _____ (Malwarebytes ) C:\Users\Simona\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4922.exe
2018-04-30 22:10 - 2018-04-30 22:11 - 000000000 ____D C:\AdwCleaner
2018-04-30 22:09 - 2018-04-30 22:09 - 007271632 _____ (Malwarebytes) C:\Users\Simona\Downloads\AdwCleaner.exe
2018-04-29 12:24 - 2018-04-29 12:24 - 000002658 _____ C:\Users\Public\Desktop\Skype.lnk
2018-04-29 12:24 - 2018-04-29 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-04-14 19:37 - 2018-04-14 19:51 - 1687515136 _____ C:\Users\Simona\Downloads\Czech Made Man (2011).avi
2018-04-06 20:32 - 2018-04-06 20:32 - 000001965 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-04-06 20:32 - 2018-04-06 20:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-04-06 19:55 - 2018-04-06 20:02 - 733956096 _____ C:\Users\Simona\Downloads\Pane, vy jste vdova! (1970) CZ.avi
2018-04-06 19:54 - 2018-04-06 20:15 - 2095370520 _____ C:\Users\Simona\Downloads\Divočina [Wild] (2014) HD 720p CZ dabing.avi
2018-04-06 19:15 - 2018-04-06 19:15 - 000000000 ____D C:\Program Files (x86)\Dell Update
2018-04-04 18:31 - 2018-04-04 18:31 - 000000000 ____D C:\found.000

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-01 18:27 - 2014-11-01 19:37 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-05-01 18:17 - 2017-11-20 14:53 - 000000000 ____D C:\Users\Simona
2018-05-01 18:17 - 2016-03-28 05:15 - 000000000 __SHD C:\Users\Simona\IntelGraphicsProfiles
2018-05-01 18:16 - 2017-11-20 15:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-01 18:16 - 2017-11-20 14:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-01 16:48 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-01 16:47 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-01 16:47 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-01 16:38 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-01 12:40 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-01 12:35 - 2017-11-28 13:17 - 000000000 ____D C:\WINDOWS\Minidump
2018-05-01 08:59 - 2015-08-28 16:01 - 000000000 ____D C:\Users\Simona\AppData\Roaming\Skype
2018-05-01 08:21 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-04-30 22:43 - 2016-01-17 06:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2018-04-30 21:58 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-30 16:48 - 2016-03-19 01:49 - 000000000 ____D C:\Users\Simona\AppData\Local\Spotify
2018-04-30 16:34 - 2014-11-01 19:31 - 000000000 ____D C:\ProgramData\PCDr
2018-04-30 16:30 - 2016-03-19 01:49 - 000000000 ____D C:\Users\Simona\AppData\Roaming\Spotify
2018-04-29 12:39 - 2018-02-26 12:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-04-29 12:35 - 2015-03-02 09:59 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-29 12:35 - 2015-03-02 09:59 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-04-29 12:25 - 2015-08-28 16:00 - 000000000 ____D C:\ProgramData\Skype
2018-04-29 12:24 - 2015-08-28 16:00 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-04-11 20:58 - 2016-12-15 16:46 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-04-11 20:58 - 2016-12-15 16:37 - 000000000 ____D C:\Program Files\TrueKey
2018-04-10 21:21 - 2015-03-02 18:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-10 21:12 - 2017-10-11 05:08 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-10 21:12 - 2015-03-02 18:19 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-09 19:13 - 2017-11-20 15:19 - 006966996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-09 19:13 - 2017-09-30 16:31 - 003433838 _____ C:\WINDOWS\system32\perfh005.dat
2018-04-09 19:13 - 2017-09-30 16:31 - 000948040 _____ C:\WINDOWS\system32\perfc005.dat
2018-04-06 20:33 - 2015-06-29 16:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-06 20:32 - 2017-11-20 15:23 - 000003622 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2018-04-06 20:32 - 2015-06-29 16:56 - 000000000 ____D C:\ProgramData\Garmin
2018-04-06 20:32 - 2015-06-29 16:55 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-04-06 19:40 - 2015-02-28 14:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-04-06 19:33 - 2013-08-22 15:25 - 000000199 _____ C:\WINDOWS\win.ini
2018-04-06 19:15 - 2014-11-01 19:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-04-06 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-03 21:37 - 2017-12-14 15:39 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-03 21:37 - 2017-12-14 15:39 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-09-27 15:36 - 2017-07-25 05:07 - 000000600 _____ () C:\Users\Simona\AppData\Roaming\winscp.rnd

Some files in TEMP:
====================
2018-04-29 12:16 - 2018-04-29 12:17 - 058834376 _____ (Skype Technologies S.A.) C:\Users\Simona\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Simona\Desktop" je 80957 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Přílohy
Addition.zip
(6.77 KiB) Staženo 59 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: procesor 100%

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [BingSvc] => C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
C:\Users\Simona\AppData\Local\Microsoft\BingSvc
SearchScopes: HKU\S-1-5-21-1845321611-535337565-3413128556-1001 -> DefaultScope {0E2CF617-77F6-49DC-BC37-0EEBAC3740B9} URL =
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
C:\Users\Simona\AppData\Local\Temp
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => -> No File
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0AAD648C-2E45-4EC2-BDDD-763EDE62195D} - System32\Tasks\{3D51994C-471B-444D-8D27-9079CBF81F6D} => C:\Windows\system32\pcalua.exe -a E:\Sims2SP2_Uninst.exe -d E:\
Task: {10FE8503-2D0A-4433-B9C5-0664200D843A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1741D225-72A6-4C4F-BF17-1D656E6227B9} - System32\Tasks\{8DC1705F-89CF-44C7-91C0-0D181D43FF35} => C:\Windows\system32\pcalua.exe -a C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction\TS2Sampler_Install.exe -d C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction
Task: {196B22B1-85BB-4BF3-8008-D01FB6EBB4D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {23055A80-2E43-4B06-8276-6ACFC0F5422D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {283F018B-4E2E-4B31-A1A8-99FA4A924ED4} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
Task: {2965A01A-681F-4B16-860F-6472DE534716} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {321EC7CD-104F-4962-B170-6337FB79C4FA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {448745AA-9C4E-4466-9590-23EBCB1109F6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6C6271D4-4C01-4E37-9B93-071212906E5C} - System32\Tasks\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B} => C:\Windows\system32\pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {7405D5D1-532F-44C7-98D7-110FCCCFFD3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {85835B4B-5064-41CF-A68D-560EEA021CA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8BAAF9BD-11A7-4C18-9A39-D13A8880C0E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8BAE2DBB-8A53-4243-BF5C-0DC7C6DC2B00} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2D8D9B3-0BE7-4F2E-AE92-41982CB8132C} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: {A3F27BEA-CE0B-40BB-BA76-EF5A0844611D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B0868ACF-525C-4056-984F-52DF46930D55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BEEB6492-512B-405A-B564-7F4F2831DF98} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C8C3098C-F988-4E9F-98C6-E53C2C0367F9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F6FDC659-5770-431B-8E04-FA86F44D46D7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:
Velikost slozky "C:\Users\Simona\Desktop" je 80957 MB.
To je příliš mnoho a může to způsobovat zpomalený start systému. Vytvořte v C:\Users\Simona novou složku, do níž přesuňte všechna data z plochy. Na plochu si pak dejte zástupce té složky pro snazší přístup.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

kurtkombajn
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 11 kvě 2016 01:14

Re: procesor 100%

#7 Příspěvek od kurtkombajn »

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.05.2018
Ran by Simona (06-05-2018 17:20:58) Run:1
Running from C:\Users\Simona\Desktop
Loaded Profiles: Simona (Available Profiles: Simona)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [BingSvc] => C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (� 2015 Microsoft Corporation)
C:\Users\Simona\AppData\Local\Microsoft\BingSvc
SearchScopes: HKU\S-1-5-21-1845321611-535337565-3413128556-1001 -> DefaultScope {0E2CF617-77F6-49DC-BC37-0EEBAC3740B9} URL =
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
C:\Users\Simona\AppData\Local\Temp
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => -> No File
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0AAD648C-2E45-4EC2-BDDD-763EDE62195D} - System32\Tasks\{3D51994C-471B-444D-8D27-9079CBF81F6D} => C:\Windows\system32\pcalua.exe -a E:\Sims2SP2_Uninst.exe -d E:\
Task: {10FE8503-2D0A-4433-B9C5-0664200D843A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1741D225-72A6-4C4F-BF17-1D656E6227B9} - System32\Tasks\{8DC1705F-89CF-44C7-91C0-0D181D43FF35} => C:\Windows\system32\pcalua.exe -a C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction\TS2Sampler_Install.exe -d C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction
Task: {196B22B1-85BB-4BF3-8008-D01FB6EBB4D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {23055A80-2E43-4B06-8276-6ACFC0F5422D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {283F018B-4E2E-4B31-A1A8-99FA4A924ED4} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
Task: {2965A01A-681F-4B16-860F-6472DE534716} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {321EC7CD-104F-4962-B170-6337FB79C4FA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {448745AA-9C4E-4466-9590-23EBCB1109F6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6C6271D4-4C01-4E37-9B93-071212906E5C} - System32\Tasks\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B} => C:\Windows\system32\pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {7405D5D1-532F-44C7-98D7-110FCCCFFD3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {85835B4B-5064-41CF-A68D-560EEA021CA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8BAAF9BD-11A7-4C18-9A39-D13A8880C0E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8BAE2DBB-8A53-4243-BF5C-0DC7C6DC2B00} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2D8D9B3-0BE7-4F2E-AE92-41982CB8132C} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: {A3F27BEA-CE0B-40BB-BA76-EF5A0844611D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B0868ACF-525C-4056-984F-52DF46930D55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BEEB6492-512B-405A-B564-7F4F2831DF98} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C8C3098C-F988-4E9F-98C6-E53C2C0367F9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F6FDC659-5770-431B-8E04-FA86F44D46D7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1845321611-535337565-3413128556-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
C:\Users\Simona\AppData\Local\Microsoft\BingSvc => moved successfully
"HKU\S-1-5-21-1845321611-535337565-3413128556-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully

"C:\Users\Simona\AppData\Local\Temp" folder move:

Could not move "C:\Users\Simona\AppData\Local\Temp" => Scheduled to move on reboot.

C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => moved successfully
C:\WINDOWS\Tasks\simplitec Power Suite.job => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileBackuped" => removed successfully
HKLM\Software\Classes\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileNotBackuped" => removed successfully
HKLM\Software\Classes\CLSID\{275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AAD648C-2E45-4EC2-BDDD-763EDE62195D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AAD648C-2E45-4EC2-BDDD-763EDE62195D}" => removed successfully
C:\WINDOWS\System32\Tasks\{3D51994C-471B-444D-8D27-9079CBF81F6D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3D51994C-471B-444D-8D27-9079CBF81F6D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10FE8503-2D0A-4433-B9C5-0664200D843A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10FE8503-2D0A-4433-B9C5-0664200D843A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1741D225-72A6-4C4F-BF17-1D656E6227B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1741D225-72A6-4C4F-BF17-1D656E6227B9}" => removed successfully
C:\WINDOWS\System32\Tasks\{8DC1705F-89CF-44C7-91C0-0D181D43FF35} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8DC1705F-89CF-44C7-91C0-0D181D43FF35}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{196B22B1-85BB-4BF3-8008-D01FB6EBB4D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{196B22B1-85BB-4BF3-8008-D01FB6EBB4D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23055A80-2E43-4B06-8276-6ACFC0F5422D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23055A80-2E43-4B06-8276-6ACFC0F5422D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{283F018B-4E2E-4B31-A1A8-99FA4A924ED4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{283F018B-4E2E-4B31-A1A8-99FA4A924ED4}" => removed successfully
C:\WINDOWS\System32\Tasks\simplitec Power Suite => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\simplitec Power Suite" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2965A01A-681F-4B16-860F-6472DE534716}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2965A01A-681F-4B16-860F-6472DE534716}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{321EC7CD-104F-4962-B170-6337FB79C4FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{321EC7CD-104F-4962-B170-6337FB79C4FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{448745AA-9C4E-4466-9590-23EBCB1109F6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{448745AA-9C4E-4466-9590-23EBCB1109F6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C6271D4-4C01-4E37-9B93-071212906E5C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C6271D4-4C01-4E37-9B93-071212906E5C}" => removed successfully
C:\WINDOWS\System32\Tasks\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7405D5D1-532F-44C7-98D7-110FCCCFFD3F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7405D5D1-532F-44C7-98D7-110FCCCFFD3F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85835B4B-5064-41CF-A68D-560EEA021CA1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85835B4B-5064-41CF-A68D-560EEA021CA1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BAAF9BD-11A7-4C18-9A39-D13A8880C0E5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BAAF9BD-11A7-4C18-9A39-D13A8880C0E5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BAE2DBB-8A53-4243-BF5C-0DC7C6DC2B00}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BAE2DBB-8A53-4243-BF5C-0DC7C6DC2B00}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A2D8D9B3-0BE7-4F2E-AE92-41982CB8132C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2D8D9B3-0BE7-4F2E-AE92-41982CB8132C}" => removed successfully
C:\WINDOWS\System32\Tasks\simplitec Power Suite (Tray) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\simplitec Power Suite (Tray)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3F27BEA-CE0B-40BB-BA76-EF5A0844611D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3F27BEA-CE0B-40BB-BA76-EF5A0844611D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0868ACF-525C-4056-984F-52DF46930D55}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0868ACF-525C-4056-984F-52DF46930D55}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEEB6492-512B-405A-B564-7F4F2831DF98}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEEB6492-512B-405A-B564-7F4F2831DF98}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8C3098C-F988-4E9F-98C6-E53C2C0367F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8C3098C-F988-4E9F-98C6-E53C2C0367F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6FDC659-5770-431B-8E04-FA86F44D46D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6FDC659-5770-431B-8E04-FA86F44D46D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8675328 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45571107 B
Java, Flash, Steam htmlcache => 2130 B
Windows/system/drivers => 6146931 B
Edge => 1429137 B
Chrome => 542062209 B
Firefox => 64824698 B
Opera => 4118896 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 704512 B
NetworkService => 884388 B
Simona => 265948812 B

RecycleBin => 0 B
EmptyTemp: => 896.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-05-2018 17:34:20)

C:\Users\Simona\AppData\Local\Temp => moved successfully

Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.

==== End of Fixlog 17:34:31 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: procesor 100%

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

kurtkombajn
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 11 kvě 2016 01:14

Re: procesor 100%

#9 Příspěvek od kurtkombajn »

Stale 100% , nyni pruzkumnik mel treba 70% ale vetsinou to preskakuje a je to kazdou chvili neco jinyho

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118715
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: procesor 100%

#10 Příspěvek od Rudy »

Na zkoušku vypněte aut. aktualizace a zjistěte, zda zátěž poklesla.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět