
All times are UTC + 1 hour


Post subject: Please check
Posted: 12 Sep 2017 19:53
Hello, please check this, thank you.


LOG:

Logfile of random's system information tool 1.16 (written by random/random)
Run by tomina at 2017-09-12 20:51:11
Microsoft Windows 10 Home
System drive C: has 38 GB (50%) free of 76 GB
Total RAM: 3071 MB (37% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:18, on 12.9.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\tomina_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: PDF Architect 5 Helper - {AEA429F3-D2D4-4BD7-A03E-5357DA017733} - C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\tomina\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [ExpoThemes-Driver] C:\Program Files (x86)\ExpoThemes\Ex8Starter.exe /s
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Express Invoice Invoicing Software (ExpressInvoiceService) - Unknown owner - C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect 5 - pdfforge GmbH - C:\Program Files\PDF Architect 5\ws.exe
O23 - Service: PDF Architect 5 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 5\crash-handler-ws.exe
O23 - Service: PDF Architect 5 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 5\creator-ws.exe
O23 - Service: PDF Architect 5 Manager - © pdfforge GmbH. - C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Common Connectivity Framework (STCServ) - Intel Corporation - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11481 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\PDF Architect 5\creator-ws.exe"
"C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 72b011fe-4191-4617-9180-f41b7e25f8ef 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\System32\fontdrvhost.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Program Files\CCleaner\CCleaner64.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\svchost.exe -k defragsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x4b8
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c40c219e-34cc-4c71-821a-9772cd20a752 -SystemEventPortName:HostProcess-e3010a44-3aac-40f0-8fed-897263987c23 -IoCancelEventPortName:HostProcess-0877a647-013c-441e-857d-99049a010a6b -NonStateChangingEventPortName:HostProcess-95b78150-29cb-48aa-891d-87d3b5a6b89e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:74b1c41a-4060-4ae2-a508-92dcfa12b57a -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\tomina\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\tomina\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=60.0.3112.113 --initial-client-data=0x274,0x278,0x27c,0x270,0x280,0x72607de8,0x72607dfc,0x72607dd0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1800 --on-initialized-event-handle=772 --parent-handle=776 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1464,8427066052648519539,460579223083373742,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,20,21,24,43,77 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x0a2d --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.4201 --gpu-driver-date=11-14-2016 --service-request-channel-token=1F485B4DDFC766B5F55E1852322956A1 --mojo-platform-channel-handle=1480 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1464,8427066052648519539,460579223083373742,131072 --service-pipe-token=81C76C730F15A099F4C87304596E66E9 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=81C76C730F15A099F4C87304596E66E9 --renderer-client-id=7 --mojo-platform-channel-handle=2484 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1464,8427066052648519539,460579223083373742,131072 --service-pipe-token=B672D5309D72BCEE5538DA2C2C40B5D5 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=B672D5309D72BCEE5538DA2C2C40B5D5 --renderer-client-id=4 --mojo-platform-channel-handle=2972 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1464,8427066052648519539,460579223083373742,131072 --service-pipe-token=E4796B18E32974F434017B4E2920B24A --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=E4796B18E32974F434017B4E2920B24A --renderer-client-id=5 --mojo-platform-channel-handle=3184 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1464,8427066052648519539,460579223083373742,131072 --service-pipe-token=25E6D2340CF6E70A8D89CEC46333FA18 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=25E6D2340CF6E70A8D89CEC46333FA18 --renderer-client-id=6 --mojo-platform-channel-handle=3380 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1464,8427066052648519539,460579223083373742,131072 --service-pipe-token=41302272885B6EEEA8C8DE33B5F87790 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=41302272885B6EEEA8C8DE33B5F87790 --renderer-client-id=8 --mojo-platform-channel-handle=2828 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1464,8427066052648519539,460579223083373742,131072 --service-pipe-token=950FB950E3726112D30968824269DF6E --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=950FB950E3726112D30968824269DF6E --renderer-client-id=10 --mojo-platform-channel-handle=4884 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe54_ Global\UsGthrCtrlFltPipeMssGthrPipe54 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 688 692 700 8192 696
"C:\Users\tomina\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

====== Scheduled tasks folder ======

C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe -check pepperplugin
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\WINDOWS\system32\tasks\ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\DriverMaxAgent - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe -AGENT
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\IntelBootstrapCCDashExe - C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe /tasktrayonly
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-2352800535-2043464664-2724596817-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\RtHDVBg_ListenToDevice - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
C:\WINDOWS\system32\tasks\RTKCPL - "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{75C002F1-51D8-4DA4-8F30-86CAEADA8142} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{2954D6F3-00BF-40DE-8C9C-9A147BEAE3CA} - C:\WINDOWS\system32\pcalua.exe -a C:\Users\tomina\Desktop\cardworkssetup.exe -d C:\Users\tomina\Desktop
C:\WINDOWS\system32\tasks\{2D9B56A1-8EAE-4337-9B06-4F14B01C83C7} - C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Belltech Business Card Designer Pro\unins000.exe"
C:\WINDOWS\system32\tasks\{707D14F6-0941-4856-95B4-CE9CB2EDF9F8} - C:\WINDOWS\system32\pcalua.exe -a "D:\Games\London 2012 The Official Video Game of the Olympic Games\london2012.exe" -d "D:\Games\London 2012 The Official Video Game of the Olympic Games"
C:\WINDOWS\system32\tasks\{E23BD63B-F25A-4D0B-8C09-818DC4799689} - C:\WINDOWS\system32\pcalua.exe -a C:\WINDOWS\ipuninst.exe -d C:\Windows\ImmersiveControlPanel -c -fD:\Games\Fallout2\uninst.log
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-2352800535-2043464664-2724596817-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\NCH Software\ExpressInvoiceSchedBackup - C:\Program Files (x86)\NCH Software\ExpressInvoice\ExpressInvoice.exe -schedbackup
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - %systemroot%\system32\MusNotification.exe LogonUpdateResults
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunCampaignManager - %windir%\System32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe

=========Google Chrome=========

C:\Users\tomina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension dnedfaenfnkikficknkklbdedlecmpgc
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 1 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.8
Extension fcoecifcadmambfikillppkoafmgachp 1 Foxtab Speed Dial 9.2.1
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 0 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.15.0
Extension gpdpldlbafdmhlmcdllcjgoigmpjonfc 1 Simple Speed Dial 2.5.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nfoohegdndjidhanbamkijmamcldindl 0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pgbdhkpacgdhfabeceekiafonfkipohm 1 Late Night 1.0
Extension picdndbpdnapajibahnnogkjofaeooof
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6017.605.1.4
Extension plimopelmdneikoknbgpopffpbmlhgpa 0
Homepage: http://www.google.com/
default_search_provider.search_url:
C:\Users\tomina\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-03 210120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-03 3226824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEA429F3-D2D4-4BD7-A03E-5357DA017733}]
PDF Architect 5 Helper - C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10 43400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]
{84F23192-A475-4038-B5C0-8584777F2DF4} - PDF Architect 5 Toolbar - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10 553352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10 16174352]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-13 2585744]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-10-13 1514528]
"IntelConnectCenter"=C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16 90112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"OneDrive"=C:\Users\tomina\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-10 1674960]
"ExpoThemes-Driver"=C:\Program Files (x86)\ExpoThemes\Ex8Starter.exe [2014-01-28 5120]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-11-30 4179288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2014-01-17 1284680]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2014-01-15 438888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"aux"=wdmaud.drv
"aux1"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux4"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-08-13 22:59:02 ----A---- C:\WINDOWS\SYSWOW64\IpNatHlpClient.dll
2017-08-13 22:59:02 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-08-13 22:59:02 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2017-08-13 22:59:01 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-08-13 22:59:01 ----A---- C:\WINDOWS\system32\tquery.dll
2017-08-13 22:59:00 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-08-13 22:59:00 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2017-08-13 22:59:00 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2017-08-13 22:59:00 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-08-13 22:58:59 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-08-13 22:58:58 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-08-13 22:58:58 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-08-13 22:58:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-08-13 22:58:57 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-08-13 22:58:57 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2017-08-13 22:58:56 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-08-13 22:58:55 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-08-13 22:58:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-08-13 22:58:54 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-08-13 22:58:53 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-08-13 22:58:52 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-08-13 22:58:51 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-08-13 22:58:50 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-08-13 22:58:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-08-13 22:58:49 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-08-13 22:58:48 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-08-13 22:58:47 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-08-13 22:58:46 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-08-13 22:58:46 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-08-13 22:58:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-08-13 22:58:44 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-08-13 22:58:43 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-08-13 22:58:42 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-08-13 22:58:42 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-08-13 22:58:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-08-13 22:58:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-08-13 22:58:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-13 22:58:38 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-08-13 22:58:37 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-08-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-08-13 22:58:36 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-08-13 22:58:35 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-08-13 22:58:34 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-08-13 22:58:33 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-08-13 22:58:32 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-08-13 22:58:28 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-08-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-08-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-08-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-08-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-08-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-08-13 22:58:27 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-08-13 22:58:26 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-08-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-08-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-08-13 22:58:25 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-08-13 22:58:25 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-08-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-08-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-08-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-08-13 22:58:24 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-08-13 22:58:24 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-08-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-08-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-08-13 22:58:23 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-08-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-08-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-08-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-08-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-08-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2017-08-13 22:58:21 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-08-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-08-13 22:58:20 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2017-08-13 22:58:18 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2017-08-13 22:58:17 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-08-13 22:58:17 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2017-08-13 22:58:17 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-08-13 22:58:17 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2017-08-13 22:58:16 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2017-08-13 22:58:15 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2017-08-13 22:58:15 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-08-13 22:58:15 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-08-13 22:58:15 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2017-08-13 22:58:15 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2017-08-13 22:58:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-13 22:58:14 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-08-13 22:58:14 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2017-08-13 22:58:13 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-08-13 22:58:13 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2017-08-13 22:58:13 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2017-08-13 22:58:12 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-08-13 22:58:12 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-08-13 22:58:12 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2017-08-13 22:58:11 ----A---- C:\WINDOWS\SYSWOW64\shlwapi.dll
2017-08-13 22:58:11 ----A---- C:\WINDOWS\SYSWOW64\msacm32.dll
2017-08-13 22:58:11 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2017-08-13 22:58:10 ----A---- C:\WINDOWS\SYSWOW64\sscore.dll
2017-08-13 22:58:10 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-08-13 22:58:10 ----A---- C:\WINDOWS\SYSWOW64\fdeploy.dll
2017-08-13 22:58:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-13 22:58:09 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2017-08-13 22:58:09 ----A---- C:\WINDOWS\SYSWOW64\tokenbinding.dll
2017-08-13 22:58:09 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2017-08-13 22:58:08 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2017-08-13 22:58:08 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2017-08-13 22:58:08 ----A---- C:\WINDOWS\SYSWOW64\qasf.dll
2017-08-13 22:58:08 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-08-13 22:58:08 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2017-08-13 22:58:07 ----A---- C:\WINDOWS\SYSWOW64\shsvcs.dll
2017-08-13 22:57:57 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-08-13 22:57:52 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-08-13 22:57:51 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-08-13 22:57:46 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-08-13 22:57:21 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-08-13 22:57:13 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-13 22:57:13 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-08-13 22:57:09 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-08-13 22:57:01 ----A---- C:\WINDOWS\system32\VCardParser.dll
2017-08-13 22:56:59 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-08-13 22:56:58 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-08-13 22:56:58 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-08-13 22:56:51 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-08-13 22:56:50 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-08-13 22:56:48 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-13 22:56:48 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-08-13 22:56:47 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-08-13 22:56:46 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-13 22:56:43 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-08-13 22:56:43 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2017-08-13 22:56:42 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-08-13 22:56:40 ----A---- C:\WINDOWS\system32\InputService.dll
2017-08-13 22:56:39 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-08-13 22:56:37 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-08-13 22:56:33 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2017-08-13 22:56:28 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-08-13 22:56:24 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-08-13 22:56:16 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-08-13 22:55:38 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-08-13 22:55:38 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2017-08-13 22:55:37 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-08-13 22:55:37 ----A---- C:\WINDOWS\system32\rastlsext.dll
2017-08-13 22:55:21 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-08-13 22:55:15 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-08-13 22:55:13 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-08-13 22:55:12 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-08-13 22:55:10 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-13 22:55:09 ----A---- C:\WINDOWS\system32\ole32.dll
2017-08-13 22:55:09 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-08-13 22:55:08 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-08-13 22:55:05 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-08-13 22:55:03 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-08-13 22:54:59 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-08-13 22:54:57 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-08-13 22:54:56 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-13 22:54:48 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-08-13 22:54:43 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-08-13 22:54:23 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-08-13 22:54:20 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-13 22:54:19 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-13 22:54:18 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2017-08-13 22:54:17 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-13 22:54:17 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-13 22:54:16 ----A---- C:\WINDOWS\system32\wer.dll
2017-08-13 22:54:15 ----A---- C:\WINDOWS\system32\services.exe
2017-08-13 22:54:15 ----A---- C:\WINDOWS\system32\hal.dll
2017-08-13 22:54:15 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-08-13 22:54:14 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2017-08-13 22:54:14 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-08-13 22:54:12 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-13 22:54:11 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-08-13 22:54:11 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-08-13 22:54:11 ----A---- C:\WINDOWS\system32\dxgi.dll
2017-08-13 22:54:10 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-13 22:54:10 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-13 22:54:10 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-13 22:54:10 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-13 22:54:10 ----A---- C:\WINDOWS\system32\bcd.dll
2017-08-13 22:53:55 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-08-13 22:53:24 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-13 22:53:22 ----A---- C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-13 22:53:22 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-13 22:53:21 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-13 22:53:20 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-13 22:53:19 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-08-13 22:53:18 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-13 22:53:18 ----A---- C:\WINDOWS\system32\officecsp.dll
2017-08-13 22:53:17 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-08-13 22:53:09 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-08-13 22:53:05 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-08-13 22:53:03 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-08-13 22:53:02 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-08-13 22:53:01 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-13 22:53:00 ----A---- C:\WINDOWS\system32\dwmredir.dll
2017-08-13 22:52:53 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-13 22:52:51 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-08-13 22:52:11 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-13 22:52:06 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-08-13 22:52:05 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-08-13 22:52:05 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2017-08-13 22:52:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-13 22:52:04 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-08-13 22:52:03 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-13 22:52:03 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-13 22:52:02 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-08-13 22:52:00 ----A---- C:\WINDOWS\system32\twinui.dll
2017-08-13 22:51:58 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-08-13 22:51:57 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-13 22:51:57 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-13 22:51:56 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-13 22:51:56 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-08-13 22:51:56 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-08-13 22:51:56 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-08-13 22:51:55 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-08-13 22:51:55 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-08-13 22:51:54 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-08-13 22:51:54 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-13 22:51:54 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-13 22:51:53 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-13 22:51:52 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-13 22:51:52 ----A---- C:\WINDOWS\system32\rastls.dll
2017-08-13 22:51:50 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-08-13 22:51:50 ----A---- C:\WINDOWS\system32\comdlg32.dll
2017-08-13 22:51:49 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-08-13 22:51:49 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-08-13 22:51:49 ----A---- C:\WINDOWS\system32\msIso.dll
2017-08-13 22:51:48 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-08-13 22:51:48 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-08-13 22:51:48 ----A---- C:\WINDOWS\system32\FrameServer.dll
2017-08-13 22:51:47 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-08-13 22:51:47 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-08-13 22:51:46 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-08-13 22:51:45 ----A---- C:\WINDOWS\system32\shell32.dll
2017-08-13 22:51:43 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-13 22:51:42 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-08-13 22:51:41 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-08-13 22:51:40 ----A---- C:\WINDOWS\system32\policymanager.dll
2017-08-13 22:51:40 ----A---- C:\WINDOWS\system32\efscore.dll
2017-08-13 22:51:40 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2017-08-13 22:51:40 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-08-13 22:51:39 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-08-13 22:51:38 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-13 22:51:37 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-08-13 22:51:37 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-13 22:51:37 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-08-13 22:51:36 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-13 22:51:35 ----A---- C:\WINDOWS\system32\wininit.exe
2017-08-13 22:51:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-13 22:51:35 ----A---- C:\WINDOWS\system32\scksp.dll
2017-08-13 22:51:35 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-08-13 22:51:34 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2017-08-13 22:51:34 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-13 22:51:34 ----A---- C:\WINDOWS\system32\lpasvc.dll
2017-08-13 22:51:33 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-08-13 22:51:33 ----A---- C:\WINDOWS\system32\autochk.exe
2017-08-13 22:51:32 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-13 22:51:32 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2017-08-13 22:51:32 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-08-13 22:51:31 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-08-13 22:51:31 ----A---- C:\WINDOWS\system32\msacm32.dll
2017-08-13 22:51:30 ----A---- C:\WINDOWS\system32\untfs.dll
2017-08-13 22:51:30 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-08-13 22:51:30 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-13 22:51:30 ----A---- C:\WINDOWS\system32\autofmt.exe
2017-08-13 22:51:30 ----A---- C:\WINDOWS\system32\autoconv.exe
2017-08-13 22:51:29 ----A---- C:\WINDOWS\system32\werui.dll
2017-08-13 22:51:29 ----A---- C:\WINDOWS\system32\ofdeploy.exe
2017-08-13 22:51:28 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-08-13 22:51:28 ----A---- C:\WINDOWS\system32\profsvcext.dll
2017-08-13 22:51:28 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-13 22:51:28 ----A---- C:\WINDOWS\system32\fdeploy.dll
2017-08-13 22:51:28 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-08-13 22:51:27 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-08-13 22:51:27 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-13 22:51:27 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2017-08-13 22:51:26 ----A---- C:\WINDOWS\system32\shlwapi.dll
2017-08-13 22:51:25 ----A---- C:\WINDOWS\system32\sscore.dll
2017-08-13 22:51:25 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-08-13 22:51:25 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2017-08-13 22:51:25 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-13 22:51:25 ----A---- C:\WINDOWS\system32\coredpus.dll
2017-08-13 22:51:25 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2017-08-13 22:51:24 ----A---- C:\WINDOWS\system32\tokenbinding.dll
2017-08-13 22:51:24 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-13 22:51:24 ----A---- C:\WINDOWS\system32\qasf.dll
2017-08-13 22:51:24 ----A---- C:\WINDOWS\system32\configmanager2.dll
2017-08-13 22:51:23 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-08-13 22:51:23 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-08-13 22:51:23 ----A---- C:\WINDOWS\system32\spbcd.dll
2017-08-13 22:51:23 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-13 22:51:23 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2017-08-13 22:51:22 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2017-08-13 22:51:22 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2017-08-13 22:51:22 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-08-13 22:51:21 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-13 22:51:21 ----A---- C:\WINDOWS\system32\dmcsps.dll
2017-08-13 22:51:21 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-13 22:51:20 ----A---- C:\WINDOWS\system32\shsvcs.dll
2017-08-13 22:51:20 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-13 22:51:20 ----A---- C:\WINDOWS\system32\dui70.dll
2017-08-13 22:51:19 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2017-08-13 22:51:19 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2017-08-13 22:51:18 ----A---- C:\WINDOWS\system32\IpNatHlpClient.dll

====== List of files/folders modified in the last 1 month ======

2017-09-12 20:51:16 ----D---- C:\Program Files\trend micro
2017-09-12 20:51:04 ----D---- C:\WINDOWS\Temp
2017-09-12 20:49:04 ----D---- C:\WINDOWS\Prefetch
2017-09-12 20:31:44 ----D---- C:\WINDOWS\system32\config
2017-09-12 20:29:57 ----D---- C:\WINDOWS\system32\MRT
2017-09-12 20:29:47 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-09-12 20:28:43 ----D---- C:\WINDOWS\SysWOW64
2017-09-12 20:28:22 ----D---- C:\WINDOWS\system32\Macromed
2017-09-12 20:28:12 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-09-12 20:27:38 ----D---- C:\WINDOWS\WinSxS
2017-09-12 20:26:04 ----SHD---- C:\System Volume Information
2017-09-12 20:25:57 ----D---- C:\WINDOWS\INF
2017-09-12 20:23:35 ----D---- C:\WINDOWS\system32\SleepStudy
2017-09-12 20:22:37 ----D---- C:\WINDOWS\CbsTemp
2017-09-12 20:08:03 ----D---- C:\WINDOWS\system32\sru
2017-09-12 19:47:36 ----D---- C:\WINDOWS\system32\catroot2
2017-09-12 19:26:21 ----RD---- C:\WINDOWS\Microsoft.NET
2017-09-12 19:12:16 ----HD---- C:\Program Files\WindowsApps
2017-09-11 21:24:06 ----AD---- C:\KMPlayer
2017-09-11 19:57:52 ----D---- C:\WINDOWS\AppReadiness
2017-09-10 08:37:25 ----D---- C:\WINDOWS\system32\Tasks
2017-09-10 08:36:52 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-09-10 08:36:52 ----D---- C:\WINDOWS\System32
2017-09-07 20:26:23 ----D---- C:\Users\tomina\AppData\Roaming\vlc
2017-09-04 20:36:45 ----D---- C:\Windows
2017-09-04 16:55:30 ----SHD---- C:\WINDOWS\Installer
2017-09-04 16:54:01 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-09-03 12:41:57 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-09-03 12:41:17 ----D---- C:\Program Files (x86)\Common Files
2017-09-02 17:15:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-08-27 16:00:29 ----D---- C:\ProgramData\CanonIJPLM
2017-08-22 21:45:40 ----D---- C:\WINDOWS\debug
2017-08-17 15:28:37 ----D---- C:\WINDOWS\system32\CatRoot
2017-08-17 15:28:36 ----D---- C:\WINDOWS\system32\DriverStore
2017-08-15 18:34:49 ----D---- C:\WINDOWS\rescache
2017-08-15 14:52:02 ----RD---- C:\WINDOWS\assembly
2017-08-14 21:22:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-14 21:17:59 ----SHD---- C:\Boot
2017-08-14 15:58:53 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2017-08-14 15:58:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-08-14 15:58:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-08-14 15:58:45 ----D---- C:\WINDOWS\system32\WinMetadata
2017-08-14 15:58:45 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-08-14 15:58:44 ----D---- C:\WINDOWS\system32\oobe
2017-08-14 15:58:43 ----D---- C:\WINDOWS\system32\en-US
2017-08-14 15:58:43 ----D---- C:\WINDOWS\system32\drivers
2017-08-14 15:58:43 ----D---- C:\WINDOWS\system32\cs-CZ
2017-08-14 15:58:37 ----D---- C:\WINDOWS\ShellExperiences
2017-08-14 15:58:31 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-08-14 15:58:30 ----D---- C:\WINDOWS\AppPatch
2017-08-14 15:58:30 ----D---- C:\Program Files\Windows Photo Viewer
2017-08-14 15:58:30 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-08-13 22:43:02 ----D---- C:\WINDOWS\LiveKernelReports
2017-08-13 21:58:13 ----D---- C:\WINDOWS\system32\WDI
2017-08-13 21:52:45 ----HD---- C:\ProgramData

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2017-03-02 132272]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2017-03-02 180544]
R1 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2017-03-02 70960]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2017-03-18 4233728]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ETD;@oem6.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2017-07-16 177664]
R3 MTsensor;@oem9.inf,%ATKACPI.DisplayName%;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-13 19600]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-03-18 604160]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-10-13 15488]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-12-31 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2015-12-31 46392]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 ivusb;Initio Driver for USB Default Controller; C:\WINDOWS\System32\drivers\ivusb.sys [2010-07-29 29720]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-07-16 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NVHDA;@oem17.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-12-09 206776]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-10-13 38032]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\apphostsvc.dll
R2 CDPUserSvc_10a323a;Uživatelská služba platformy připojených zařízení_10a323a; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-08-28 4424384]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2017-03-02 2836296]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-13 1148560]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2017-07-16 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-13 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-10-13 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 OneSyncSvc_10a323a;Hostitel synchronizace_10a323a; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 PDF Architect 5 Creator;PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [2017-02-10 856976]
R2 PDF Architect 5 Manager;PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [2017-02-28 985904]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-16 336320]
R3 PimIndexMaintenanceSvc_10a323a;Data kontaktů_10a323a; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\TimeBrokerServer.dll
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\TokenBroker.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 STCServ;Intel(R) Common Connectivity Framework; C:\Program Files\Intel\STCServ\STCServ.exe [2015-03-16 8095456]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-18 52920]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_10a323a;Tok zařízení_10a323a; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1368408]
S3 ExpressInvoiceService;Express Invoice Invoicing Software; C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe [2016-02-08 2342160]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_10a323a;Služba zasílání zpráv_10a323a; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-08-28 213696]
S3 PDF Architect 5 CrashHandler;PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [2017-02-10 1048976]
S3 PDF Architect 5;PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2017-02-10 2706824]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------


Post subject: Re: Requesting a check
Posted: 13 Sep 2017 18:10
Moderator

Joined: 26 Nov 2006 13:37
Posts: 13337
Location: Czech Republic
Hi,

download and run AdwCleaner,

close all programs, including the browser, and double-click it to launch it,

a window will appear; click Scan at the top left.

When the scan finishes, click Clean,

the PC will restart, and the junk will be deleted during the restart.

After that, copy the Report here for me.

_________________
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:


Post subject: Re: Requesting a check
Posted: 13 Sep 2017 21:07
Visitor

Joined: 19 May 2010 23:16
Posts: 8
Hi, here is the report:



# AdwCleaner 7.0.2.1 - Logfile created on Wed Sep 13 20:02:09 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

Deleted: C:\\user.js


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-2352800535-2043464664-2724596817-1001\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S2].txt - [1594 B] - [2014/5/23 20:23:36]
C:/AdwCleaner/AdwCleaner[S3].txt - [1327 B] - [2014/10/12 19:45:15]
C:/AdwCleaner/AdwCleaner[S4].txt - [1893 B] - [2015/3/27 22:39:27]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


Post subject: Re: Requesting a check
Posted: 14 Sep 2017 16:28
Moderator

Joined: 26 Nov 2006 13:37
Posts: 13337
Location: Czech Republic
Great, it's cleaned up. So is there any problem with the PC?



Post subject: Re: Requesting a check
Posted: 14 Sep 2017 18:45
Visitor

Joined: 19 May 2010 23:16
Posts: 8
Great, thank you very much. The PC runs as it should :-)


Post subject: Re: Requesting a check
Posted: 15 Sep 2017 18:57
Moderator

Joined: 26 Nov 2006 13:37
Posts: 13337
Location: Czech Republic
You're welcome, and :closed:


