
Request for a review of an RSIT log - a black cmd.exe window keeps popping up

Sully111
Visitor
Posts: 1
Registered: 13 Jun 2018 21:39

#1 Post by Sully111 »

Logfile of random's system information tool 1.16 (written by random/random)
Run by Opra at 2018-06-13 22:32:27
Microsoft Windows 10 Home
System drive C: has 380 GB (40%) free of 953 GB
Total RAM: 8146 MB (64% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:32:49, on 13.6.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Super Ovladac\SOTray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Opra\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Opra\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Users\Opra\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Opra\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
C:\Program Files\trend micro\Opra_RSITx64 (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Ask Shopping Toolbar BHO - {4F524A2D-5637-2D53-4154-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7-SAT\Passport.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O3 - Toolbar: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O3 - Toolbar: Ask Toolbar - {4F524A2D-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll" (file missing)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: Ask Shopping Toolbar - {4F524A2D-5637-2D53-4154-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7-SAT\Passport.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\Opra\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Opra\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Opra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'DefaultAppPool')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'DefaultAppPool')
O4 - Startup: Facebook Gameroom.lnk = Opra\AppData\Local\Facebook\Games\FacebookGameroom.exe
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HP Touchpoint Analytics (HPTouchpointAnalyticsService) - HP Inc. - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service: All History Cleaner Service (HSService) - Unknown owner - C:\Program Files (x86)\All History Cleaner\HSService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH Authentication Agent (ssh-agent) - Unknown owner - C:\WINDOWS\System32\OpenSSH\ssh-agent.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SYSWOW64\VMNAT.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 14051 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k dcomlaunch -p -s DeviceInstall
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\WINDOWS\system32\nvvsvc.exe"
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files (x86)\All History Cleaner\HSService.exe"
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
"c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe" -netmsmqactivator
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\WINDOWS\System32\msdtc.exe
"C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\DllHost.exe /Processid:{48DA6741-1BF0-4A44-8325-293086C79077}
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\System32\fontdrvhost.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\sihost.exe
c:\windows\system32\taskhostw.exe
"C:\Program Files (x86)\Super Ovladac\SOTray.exe"
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Users\Opra\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Opra\AppData\Local\Facebook\Games\FacebookGameroom.exe" fbgames://windows_startup/
C:\Users\Opra\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\Opra\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Users\Opra\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClient.exe"
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
c:\windows\system32\inetsrv\w3wp.exe -ap "DefaultAppPool" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipm55e085dc-e93d-4fef-beef-ecd38ec9439a -h "C:\inetpub\temp\apppools\DefaultAppPool\DefaultAppPool.config" -w "" -m 0 -t 20 -ta 0
C:\Program Files\DriverSetupUtility\FUB\LiveUpdateChecker.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Opra\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Opra\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Opra\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.181 --initial-client-data=0x1e0,0x1e4,0x1e8,0x1dc,0x1ec,0x7ffa38c33218,0x7ffa38c33228,0x7ffa38c33238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9940 --on-initialized-event-handle=656 --parent-handle=660 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1320,16307558710344755829,371164378274762098,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=A789E58DEF6BE2CB476F6098F0D3110D --mojo-platform-channel-handle=1336 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1320,16307558710344755829,371164378274762098,131072 --service-pipe-token=8DE0508E278E9B9805A0A60B2C14E7B1 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=8DE0508E278E9B9805A0A60B2C14E7B1 --renderer-client-id=3 --mojo-platform-channel-handle=2880 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1320,16307558710344755829,371164378274762098,131072 --service-pipe-token=438706C5DE50A64E1719D6707F60FA89 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=438706C5DE50A64E1719D6707F60FA89 --renderer-client-id=4 --mojo-platform-channel-handle=3088 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1320,16307558710344755829,371164378274762098,131072 --service-pipe-token=A57CFEEFABA5F9A953D86CB067EB9C6A --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=A57CFEEFABA5F9A953D86CB067EB9C6A --renderer-client-id=5 --mojo-platform-channel-handle=3100 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1320,16307558710344755829,371164378274762098,131072 --service-pipe-token=551EA7C82EAB2778678E921C51252328 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=551EA7C82EAB2778678E921C51252328 --renderer-client-id=6 --mojo-platform-channel-handle=3108 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1320,16307558710344755829,371164378274762098,131072 --service-pipe-token=FA2C43D9673A187D2073D451C5692957 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=FA2C43D9673A187D2073D451C5692957 --renderer-client-id=7 --mojo-platform-channel-handle=3116 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1320,16307558710344755829,371164378274762098,131072 --service-pipe-token=B53C7262C963C2265688081900965F2E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=B53C7262C963C2265688081900965F2E --renderer-client-id=10 --mojo-platform-channel-handle=5724 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x67c
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe169_ Global\UsGthrCtrlFltPipeMssGthrPipe169 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 760 764 772 8192 768
"C:\Users\Opra\Downloads\RSITx64 (1).exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-947716104-2938785294-3829513973-1001Core.job - C:\Users\Opra\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-947716104-2938785294-3829513973-1001UA.job - C:\Users\Opra\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe
C:\WINDOWS\tasks\HPCeeScheduleForOpra.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForOpra (null)
C:\WINDOWS\system32\tasks\ACC - C:\Program Files\DriverSetupUtility\FUB\FUB_Send.bat
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1ce51a743c728e9 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf4a3cebd14e96 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-947716104-2938785294-3829513973-1001Core - C:\Users\Opra\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-947716104-2938785294-3829513973-1001Core1d25853eef2f3b1 - C:\Users\Opra\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-947716104-2938785294-3829513973-1001UA - C:\Users\Opra\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-947716104-2938785294-3829513973-1001UA1d25853ef2363b5 - C:\Users\Opra\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\HP Photo Creations Communicator - C:\ProgramData\HP Photo Creations\Communicator.exe
C:\WINDOWS\system32\tasks\HPCeeScheduleForOpra - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForOpra (null)
C:\WINDOWS\system32\tasks\HPCustParticipation HP Deskjet 2050 J510 series - "C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe" /UA 9.5 /DDV 0x0800
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-947716104-2938785294-3829513973-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Super Ovladac Schedule - "C:\Program Files (x86)\Super Ovladac\SOTray.exe"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{2074AD77-4132-40D2-BBB3-D454EF2770D8} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{1CA8A5A3-B1CF-4DDA-BF4C-D3CD764ACA3B} - C:\Windows\system32\pcalua.exe -a D:\autorun.exe -d D:\
C:\WINDOWS\system32\tasks\{5006DD04-1446-4467-B831-9B473EEE76EA} - C:\Windows\system32\pcalua.exe -a "C:\Users\Opra\Desktop\The Walking Dead - Episode 4 CZ.exe" -d C:\Users\Opra\Desktop
C:\WINDOWS\system32\tasks\{73E7B450-6548-45C3-A7D3-B33D54FDDDD4} - C:\Windows\system32\pcalua.exe -a C:\Users\Opra\Downloads\www.INFOEK.cz---The-Walking-Dead-Episode-2---Čeština.exe -d C:\Users\Opra\Desktop
C:\WINDOWS\system32\tasks\{7963E52C-FB35-45AA-8CAE-98320FB84433} - C:\Windows\system32\pcalua.exe -a "C:\Users\Opra\Desktop\The Walking Dead - Episode 5 CZ.exe" -d C:\Users\Opra\Desktop
C:\WINDOWS\system32\tasks\{7BF3CF4C-12DB-4722-9C7B-34172EB69AFC} - C:\Windows\system32\pcalua.exe -a "C:\Users\Opra\Desktop\The Waking Dead - Episode 2 CZ.exe" -d "C:\Program Files (x86)\Skype\Phone"
C:\WINDOWS\system32\tasks\{8275975B-754A-41F3-825C-E644120C11DB} - C:\Windows\system32\pcalua.exe -a "C:\Disk (D)\Pruvodce\unins000.exe" -d "C:\Disk (D)\Pruvodce"
C:\WINDOWS\system32\tasks\{9A9D2B04-A767-47C0-92C6-552E5419F850} - D:\ResidentEvil.exe
C:\WINDOWS\system32\tasks\{B286585E-78ED-4BAD-93AF-578118FDC8CB} - C:\Windows\system32\pcalua.exe -a D:\Setup.exe -d D:\
C:\WINDOWS\system32\tasks\{C0E8DD23-9701-4FCD-8264-FEAC1D70E855} - C:\Windows\system32\pcalua.exe -a "C:\Users\Opra\Desktop\The Walking Dead - Episode 3 CZ.exe" -d C:\Users\Opra\Desktop
C:\WINDOWS\system32\tasks\{D36C3C84-BD16-44D9-B184-6E20D6E2373F} - C:\Windows\system32\pcalua.exe -a C:\Users\Opra\Downloads\The_Kelly_Family_-_The_Complete_Story-DMXCrew.exe -d C:\Users\Opra\Desktop
C:\WINDOWS\system32\tasks\{F871AD5C-FE17-461E-86BF-5692A130450B} - C:\Windows\system32\pcalua.exe -a C:\Instal\CodePad\uninst.exe -d C:\Instal\CodePad
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-947716104-2938785294-3829513973-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Nero\Nero Info - "C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe" -shedul
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Download - %systemroot%\system32\usoclient.exe StartDownload
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\HeadsetButtonPress - %windir%\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\HelloFace\FODCleanupTask - %WinDir%\System32\WinBioPlugIns\FaceFodUninstaller.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\DirectX\DXGIAdapterCache - %windir%\system32\dxgiadaptercache.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - c:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task

=========Google Chrome=========

C:\Users\Opra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam doplněk - Email 4.2.4
Extension blmojkbhnkkphngknkmgccmlenfaelkd 0 Seznam doplněk - Esko- 4.2.4
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.20
Extension dbnfnbehhjknomdbfhcobpgpphnlnikp 1 Tipli do prohlížeče 1.6.1
Extension ecmgkhgjmodembdmiimbacpjgcdimiek 1 Plná Peněženka Lištička 4.1.4
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.5
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension iiekfaemafmplemocgimeccahephhdgf 1 VratnePenize.cz Připomínáček 2.0.11.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 1 Skype 10.2.0.9950
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam doplněk - Esko 4.2.4
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Homepage: https://www.facebook.com/index.php
default_search_provider.search_url:
C:\Users\Opra\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.7.700.179 Shockwave Flash C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\PepperFlash\pepflashplayer.dll
Plugin Chrome Remote Desktop Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\pdf.dll
Plugin 7.1.1.1580 Google Earth Plugin C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
Plugin 1.3.21.145 Google Update C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
Plugin 7.17.13.1422 NVIDIA 3D Vision C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin 7.17.13.1422 NVIDIA 3D VISION C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin 2.5.0208.0000 PDF-XChange Viewer C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-2D53-4154-7A786E7484D7}]
Ask Shopping Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7-SAT\Passport_x64.dll [2018-05-08 12360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-12-12 12352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-2D53-4154-7A786E7484D7}]
Ask Shopping Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7-SAT\Passport.dll [2018-05-08 10824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-12-12 10816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
{4F524A2D-5637-4300-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport_x64.dll [2016-12-12 12352]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12 1154720]
{4F524A2D-5637-2D53-4154-7A786E7484D7} - Ask Shopping Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7-SAT\Passport_x64.dll [2018-05-08 12360]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
{4F524A2D-5637-4300-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Passport.dll [2016-12-12 10816]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12 1431712]
{4F524A2D-5637-2D53-4154-7A786E7484D7} - Ask Shopping Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7-SAT\Passport.dll [2018-05-08 10824]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-12-09 1803976]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmds.exe [2018-04-19 178496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Opra\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [2018-05-17 601680]
"OneDrive"=C:\Users\Opra\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-06-07 1628840]
"cz.seznam.software.szndesktop"=C:\Users\Opra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2018-05-08 2267720]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-11 766208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]

C:\Users\Opra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Gameroom.lnk - C:\Users\Opra\AppData\Local\Facebook\Games\FacebookGameroom.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-06-13 22:30:03 ----D---- C:\Program Files\trend micro
2018-06-13 22:30:02 ----D---- C:\rsit
2018-05-16 19:25:31 ----D---- C:\Program Files\Common Files\SpeechEngines
2018-05-16 19:24:34 ----AS---- C:\WINDOWS\bootstat.dat
2018-05-16 19:23:36 ----D---- C:\WINDOWS\system32\Microsoft
2018-05-16 19:23:36 ----D---- C:\WINDOWS\ServiceProfiles
2018-05-16 19:20:48 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-05-16 19:20:48 ----A---- C:\WINDOWS\system32\wmp.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-05-16 19:20:35 ----A---- C:\WINDOWS\system32\jscript.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-05-16 19:20:34 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\wininet.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\itss.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-05-16 19:20:31 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\winload.exe
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\WerFault.exe
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\wer.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\tzres.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\TSpkg.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\tquery.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\shell32.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\rdpnano.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\oleaut32.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\mstscax.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\msi.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\credssp.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\cdp.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-16 19:20:30 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-16 19:16:08 ----D---- C:\ProgramData\Microsoft OneDrive
2018-05-16 19:15:17 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2018-05-16 19:15:17 ----D---- C:\WINDOWS\system32\msmq
2018-05-16 19:15:17 ----D---- C:\WINDOWS\system32\BestPractices
2018-05-16 19:15:17 ----D---- C:\inetpub
2018-05-16 19:14:46 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2018-05-16 19:14:45 ----D---- C:\Program Files\Reference Assemblies
2018-05-16 19:14:45 ----D---- C:\Program Files\MSBuild
2018-05-16 19:14:45 ----D---- C:\Program Files (x86)\Reference Assemblies
2018-05-16 19:14:45 ----D---- C:\Program Files (x86)\MSBuild
2018-05-16 19:14:20 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2018-05-16 19:14:20 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2018-05-16 19:14:20 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-16 19:14:19 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-16 19:14:19 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-16 19:14:18 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-16 19:12:50 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-05-16 19:12:50 ----A---- C:\WINDOWS\SYSWOW64\XpsFilt.dll
2018-05-16 19:12:49 ----A---- C:\WINDOWS\SYSWOW64\XPSSHHDR.dll
2018-05-16 19:12:49 ----A---- C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-16 19:12:49 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-05-16 19:12:49 ----A---- C:\WINDOWS\system32\XpsFilt.dll
2018-05-16 19:12:24 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2018-05-16 19:12:24 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2018-05-16 19:12:23 ----A---- C:\WINDOWS\system32\prm0009.dll
2018-05-16 19:12:23 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2018-05-16 19:12:23 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2018-05-16 19:09:21 ----SHD---- C:\Recovery
2018-05-16 19:08:54 ----D---- C:\WINDOWS\system32\drivers\wd
2018-05-16 18:50:50 ----ASH---- C:\hiberfil.sys
2018-05-16 18:44:19 ----SD---- C:\Users\Opra\AppData\Roaming\Microsoft
2018-05-16 18:44:19 ----D---- C:\Users\Opra\AppData\Roaming\Media Center Programs
2018-05-16 18:39:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-16 18:38:29 ----D---- C:\ProgramData\USOShared
2018-05-16 18:38:04 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2018-05-16 18:35:35 ----D---- C:\WINDOWS\Prefetch
2018-05-16 18:33:59 ----D---- C:\WINDOWS\system32\SleepStudy
2018-05-16 18:33:53 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-15 11:43:16 ----DC---- C:\WINDOWS\Panther

====== List of files/folders modified in the last 1 month ======

2018-06-13 22:32:14 ----D---- C:\WINDOWS\Temp
2018-06-13 22:30:03 ----RD---- C:\Program Files
2018-06-13 22:26:19 ----D---- C:\ProgramData\updater2
2018-06-13 21:58:05 ----D---- C:\WINDOWS\system32\sru
2018-06-13 20:09:44 ----D---- C:\WINDOWS\system32\catroot2
2018-06-13 20:09:40 ----SHD---- C:\System Volume Information
2018-06-13 20:03:31 ----D---- C:\WINDOWS\INF
2018-06-13 19:15:41 ----D---- C:\WINDOWS\CbsTemp
2018-06-13 18:31:41 ----D---- C:\WINDOWS\Logs
2018-06-12 18:20:58 ----D---- C:\WINDOWS\system32\LogFiles
2018-06-12 13:34:56 ----HD---- C:\Program Files\WindowsApps
2018-06-12 13:34:05 ----RD---- C:\WINDOWS\Microsoft.NET
2018-06-12 12:25:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-06-10 15:09:03 ----D---- C:\WINDOWS\AppReadiness
2018-06-09 21:59:07 ----D---- C:\WINDOWS\system32\config
2018-06-07 19:53:51 ----D---- C:\WINDOWS\WinSxS
2018-06-07 19:53:51 ----D---- C:\WINDOWS\SysWOW64
2018-06-07 19:52:56 ----D---- C:\WINDOWS\system32\Tasks
2018-06-06 01:29:25 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-06-05 08:48:39 ----D---- C:\WINDOWS\LiveKernelReports
2018-06-04 21:08:12 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-06-04 21:08:12 ----D---- C:\WINDOWS\System32
2018-06-04 10:26:45 ----D---- C:\Users\Opra\AppData\Roaming\vlc
2018-06-04 09:45:43 ----D---- C:\WINDOWS\Tasks
2018-05-23 21:18:55 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2018-05-18 23:04:23 ----SHD---- C:\WINDOWS\Installer
2018-05-18 23:04:23 ----HD---- C:\Config.Msi
2018-05-18 22:59:23 ----RD---- C:\Program Files (x86)
2018-05-17 21:33:05 ----RD---- C:\WINDOWS\assembly
2018-05-17 21:18:20 ----D---- C:\WINDOWS\system32\DriverStore
2018-05-17 09:40:48 ----D---- C:\WINDOWS\system32\drivers
2018-05-17 09:40:44 ----D---- C:\WINDOWS\debug
2018-05-17 08:54:02 ----D---- C:\WINDOWS\appcompat
2018-05-16 21:53:29 ----D---- C:\WINDOWS\system32\restore
2018-05-16 21:52:48 ----D---- C:\WINDOWS\system32\WDI
2018-05-16 19:32:49 ----RSD---- C:\WINDOWS\Fonts
2018-05-16 19:32:49 ----D---- C:\WINDOWS\twain_32
2018-05-16 19:32:49 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-05-16 19:32:49 ----D---- C:\WINDOWS\SYSWOW64\IME
2018-05-16 19:32:49 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2018-05-16 19:32:49 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-05-16 19:32:49 ----D---- C:\WINDOWS\SYSWOW64\drivers
2018-05-16 19:32:49 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-05-16 19:32:49 ----D---- C:\WINDOWS\system32\WinBioDatabase
2018-05-16 19:32:49 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2018-05-16 19:32:49 ----D---- C:\WINDOWS\system32\drivers\etc
2018-05-16 19:32:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\zh-HK
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\spool
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\oobe
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\NDF
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\migration
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\IME
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\en-US
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2018-05-16 19:32:48 ----D---- C:\WINDOWS\system32\cs-CZ
2018-05-16 19:32:48 ----D---- C:\WINDOWS\schemas
2018-05-16 19:32:48 ----D---- C:\WINDOWS\ShellNew
2018-05-16 19:32:48 ----D---- C:\WINDOWS\PolicyDefinitions
2018-05-16 19:32:48 ----D---- C:\WINDOWS\oem
2018-05-16 19:32:42 ----SHD---- C:\Program Files\Windows Sidebar
2018-05-16 19:32:42 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2018-05-16 19:32:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2018-05-16 19:32:42 ----D---- C:\WINDOWS\Help
2018-05-16 19:32:42 ----D---- C:\Program Files\internet explorer
2018-05-16 19:32:42 ----D---- C:\Program Files\Common Files\microsoft shared
2018-05-16 19:32:42 ----D---- C:\Program Files\Common Files
2018-05-16 19:32:42 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-05-16 19:32:42 ----D---- C:\Program Files (x86)\Common Files
2018-05-16 19:32:42 ----AD---- C:\Program Files\UNP
2018-05-16 19:32:41 ----HD---- C:\WINDOWS\system32\GroupPolicy
2018-05-16 19:32:41 ----D---- C:\WINDOWS\system32\Recovery
2018-05-16 19:32:37 ----D---- C:\WINDOWS\Setup
2018-05-16 19:27:05 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2018-05-16 19:25:47 ----D---- C:\WINDOWS\ehome
2018-05-16 19:25:34 ----D---- C:\Program Files (x86)\Windows Mail
2018-05-16 19:25:32 ----D---- C:\Program Files\Windows Mail
2018-05-16 19:25:31 ----D---- C:\Program Files\Microsoft Games
2018-05-16 19:21:37 ----D---- C:\WINDOWS\TextInput
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\vi-VN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ur-PK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ug-CN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\tt-RU
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\tk-TM
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\te-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ta-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\sw-KE
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\sq-AL
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\si-LK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\setup
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\quz-PE
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\prs-AF
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\pa-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\or-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\nn-NO
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ne-NP
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\mt-MT
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ms-MY
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\mr-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\mn-MN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ml-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\mk-MK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\mi-NZ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\lo-LA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\lb-LU
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ky-KG
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\kok-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\kn-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\km-KH
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\kk-KZ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ka-GE
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\is-IS
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\id-ID
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\hy-AM
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\gu-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\gd-GB
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ga-IE
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\fil-PH
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\fa-IR
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\cy-GB
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\bn-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\bn-BD
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\be-BY
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\as-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\am-ET
2018-05-16 19:21:37 ----D---- C:\WINDOWS\SYSWOW64\af-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\zu-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\yo-NG
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\xh-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\wo-SN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\vi-VN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ur-PK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ug-CN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\tt-RU
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\tn-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\tk-TM
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ti-ET
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\te-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ta-in
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\sw-KE
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\sq-AL
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\si-lk
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\setup
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\rw-RW
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\quz-PE
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\prs-AF
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\pa-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\or-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\nso-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\nn-NO
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ne-NP
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\mt-MT
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ms-MY
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\mr-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\mn-MN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ml-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\mk-MK
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\mi-NZ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\lo-LA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\lb-LU
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ky-KG
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\kok-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\kn-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\km-KH
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\kk-KZ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ka-GE
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\is-IS
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ig-NG
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\id-ID
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\hy-AM
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\gu-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\gd-GB
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ga-IE
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\fil-PH
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\fa-IR
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\cy-GB
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\Boot
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\bn-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\bn-BD
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\be-BY
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\as-IN
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\appraiser
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\am-et
2018-05-16 19:21:37 ----D---- C:\WINDOWS\system32\af-ZA
2018-05-16 19:21:37 ----D---- C:\WINDOWS\Provisioning
2018-05-16 19:21:36 ----D---- C:\WINDOWS\bcastdvr
2018-05-16 19:21:36 ----D---- C:\WINDOWS\apppatch
2018-05-16 19:21:36 ----D---- C:\Program Files\Windows Photo Viewer
2018-05-16 19:21:36 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-05-16 19:16:08 ----HD---- C:\ProgramData
2018-05-16 19:15:17 ----D---- C:\WINDOWS\system32\inetsrv
2018-05-16 19:15:17 ----D---- C:\WINDOWS\system32\drivers\en-US
2018-05-16 19:14:46 ----D---- C:\WINDOWS\SYSWOW64\MUI
2018-05-16 19:14:46 ----D---- C:\WINDOWS\system32\MUI
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2018-05-16 19:12:55 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\zh-TW
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\zh-CN
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\uk-UA
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\tr-TR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\th-TH
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\sv-SE
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\sl-SI
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\sk-SK
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\ru-RU
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\ro-RO
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\pt-PT
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\pt-BR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\pl-PL
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\nl-NL
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\nb-NO
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\lv-LV
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\lt-LT
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\ko-KR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\ja-jp
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\it-IT
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\hu-HU
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\hr-HR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\he-IL
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\fr-FR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\fr-CA
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\fi-FI
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\et-EE
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\es-MX
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\es-ES
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\en-GB
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\el-GR
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\de-DE
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\da-DK
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\bg-BG
2018-05-16 19:12:55 ----D---- C:\WINDOWS\system32\ar-SA
2018-05-16 19:12:34 ----D---- C:\WINDOWS\OCR
2018-05-16 19:09:36 ----D---- C:\WINDOWS\SoftwareDistribution
2018-05-16 19:09:21 ----D---- C:\Program Files\windows nt
2018-05-16 19:07:48 ----D---- C:\Windows
2018-05-16 19:07:41 ----D---- C:\WINDOWS\Registration
2018-05-16 19:04:27 ----D---- C:\Program Files (x86)\All History Cleaner
2018-05-16 19:00:00 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-05-16 18:58:56 ----D---- C:\WINDOWS\system32\wbem
2018-05-16 18:58:49 ----SD---- C:\ProgramData\Microsoft
2018-05-16 18:58:44 ----RSD---- C:\WINDOWS\media
2018-05-16 18:47:48 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2018-05-16 18:44:29 ----D---- C:\WINDOWS\system32\CodeIntegrity
2018-05-16 18:44:19 ----RD---- C:\Users
2018-05-16 18:38:58 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2018-05-16 18:38:30 ----D---- C:\ProgramData\USOPrivate
2018-05-16 18:38:18 ----D---- C:\ProgramData\NVIDIA
2018-05-16 18:36:48 ----D---- C:\Program Files\NVIDIA Corporation

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2018-04-12 110432]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 AsIO;AsIO; SysWow64\drivers\AsIO.sys []
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2018-04-12 137928]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2018-04-12 196112]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2018-04-12 82816]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2018-04-12 108320]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-04-12 414208]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2018-04-12 50136]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-10-11 52376]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2018-04-12 178688]
R3 NVHDA;@oem1.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-12-09 206776]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 nvvad_WaveExtensible;@oem3.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 rt640x64;@oem6.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-01-02 947712]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2018-02-19 15872]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-04-12 128416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-04-12 73632]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2018-04-12 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-04-12 197632]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2018-04-12 1921944]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-11 344064]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2018-05-08 194632]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\apphostsvc.dll
R2 CDPUserSvc_158f7894;Uživatelská služba platformy připojených zařízení_158f7894; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2018-04-19 2240264]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2018-05-02 332656]
R2 HPTouchpointAnalyticsService;HP Touchpoint Analytics; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [2017-11-22 332216]
R2 HSService;All History Cleaner Service; C:\Program Files (x86)\All History Cleaner\HSService.exe [2014-04-22 294072]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2018-04-12 26112]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2016-09-14 805752]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-04-12 136296]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-04-12 136296]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 OneSyncSvc_158f7894;Hostitel synchronizace_158f7894; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2013-11-22 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\syswow64\PnkBstrB.exe [2013-11-22 103736]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-04-12 761440]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-12 247968]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\BthAvctpSvc.dll
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2018-04-19 2240264]
R3 PimIndexMaintenanceSvc_158f7894;Data kontaktů_158f7894; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-12 193696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-04-12 136296]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-03-14 317400]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; %SystemRoot%\system32\svchost.exe -k BcastDVRUserService;"ServiceDll" = %SystemRoot%\System32\BcastDVRUserService.dll
S3 BcastDVRUserService_158f7894;Uživatelská služba pro GameDVR a vysílání her_158f7894; C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService;"ServiceDll" =
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; %SystemRoot%\system32\svchost.exe -k BthAppGroup;"ServiceDll" = %SystemRoot%\System32\Microsoft.Bluetooth.UserService.dll
S3 BluetoothUserService_158f7894;Služba pro podporu uživatelů Bluetooth_158f7894; C:\WINDOWS\system32\svchost.exe -k BthAppGroup;"ServiceDll" =
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\BTAGService.dll
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\Windows.Devices.Picker.dll
S3 DevicePickerUserSvc_158f7894;DevicePicker_158f7894; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_158f7894;Tok zařízení_158f7894; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-16 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-15 194032]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\LanguageOverlayServer.dll
S3 MessagingService_158f7894;Služba zasílání zpráv_158f7894; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_158f7894;PrintWorkflow_158f7894; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-05-16 976384]
S3 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-10 495616]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check of the RSIT log - a black cmd window pops up

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

Close all programs.
Accept the license terms (EULA) by clicking I Agree.
Right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it normally with a double-click).
Click Scan now, then Clean and Repair.
After the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
