Virus removal, PC speed-up, remote assistance via the neslape.cz service
Requesting a check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I'm requesting a check,
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2017-10-24 22:55:04
Microsoft Windows 10 Home
System drive C: has 295 GB (64%) free of 464 GB
Total RAM: 3963 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:06, on 24.10.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMMON] "C:\Program Files (x86)\IM Magician\Vicamon.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} (IPCamPluginTM Control) - http://89.203.138.111:8080/IPCamPluginTM.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11781 bytes
======Listing Processes======
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\system32\DbxSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
dashost.exe {4fc89163-a427-48fb-aa4e16ec3e055f7e}
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
c:\windows\system32\svchost.exe -k netsvcs -s BITS
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\WINDOWS\System32\igfxtray.exe"
"C:\WINDOWS\System32\hkcmd.exe"
"C:\WINDOWS\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
taskhostw.exe
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x1f0,0x1f4,0x1f8,0x1ec,0x1fc,0x7ffd3d7d1988,0x7ffd3d7d1948,0x7ffd3d7d1958
C:\Windows\System32\InstallAgent.exe -Embedding
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2692 --on-initialized-event-handle=680 --parent-handle=684 /prefetch:6
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,23,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4459 --gpu-driver-date=5-19-2016 --service-request-channel-token=08CDA75533D790ECFE543C25E7738388 --mojo-platform-channel-handle=1400 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=D3FF51DF238057EF55B75EC2CCC6118C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D3FF51DF238057EF55B75EC2CCC6118C --renderer-client-id=3 --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=1AF76934459064F946E0892C68FB07D7 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1AF76934459064F946E0892C68FB07D7 --renderer-client-id=4 --mojo-platform-channel-handle=3284 /prefetch:1
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
Explorer.exe
taskhostw.exe
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -s DPS
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\svchost.exe -k LocalService -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=1D33CA21261CAC8DDB4FB152847F8173 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1D33CA21261CAC8DDB4FB152847F8173 --renderer-client-id=16 --mojo-platform-channel-handle=3652 /prefetch:1
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=D7ED141F1A5DDDCA0A10835B9FEB1532 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D7ED141F1A5DDDCA0A10835B9FEB1532 --renderer-client-id=20 --mojo-platform-channel-handle=2672 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 688 692 700 8192 696
C:\WINDOWS\System32\svchost.exe -k netsvcs -s Browser
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x4f4
"C:\Users\Petr\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11781 bytes
======Listing Processes======
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\system32\DbxSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
dashost.exe {4fc89163-a427-48fb-aa4e16ec3e055f7e}
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
c:\windows\system32\svchost.exe -k netsvcs -s BITS
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\WINDOWS\System32\igfxtray.exe"
"C:\WINDOWS\System32\hkcmd.exe"
"C:\WINDOWS\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
taskhostw.exe
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x1f0,0x1f4,0x1f8,0x1ec,0x1fc,0x7ffd3d7d1988,0x7ffd3d7d1948,0x7ffd3d7d1958
C:\Windows\System32\InstallAgent.exe -Embedding
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2692 --on-initialized-event-handle=680 --parent-handle=684 /prefetch:6
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,23,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4459 --gpu-driver-date=5-19-2016 --service-request-channel-token=08CDA75533D790ECFE543C25E7738388 --mojo-platform-channel-handle=1400 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=D3FF51DF238057EF55B75EC2CCC6118C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D3FF51DF238057EF55B75EC2CCC6118C --renderer-client-id=3 --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=1AF76934459064F946E0892C68FB07D7 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1AF76934459064F946E0892C68FB07D7 --renderer-client-id=4 --mojo-platform-channel-handle=3284 /prefetch:1
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
Explorer.exe
taskhostw.exe
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -s DPS
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\svchost.exe -k LocalService -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=1D33CA21261CAC8DDB4FB152847F8173 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1D33CA21261CAC8DDB4FB152847F8173 --renderer-client-id=16 --mojo-platform-channel-handle=3652 /prefetch:1
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=D7ED141F1A5DDDCA0A10835B9FEB1532 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D7ED141F1A5DDDCA0A10835B9FEB1532 --renderer-client-id=20 --mojo-platform-channel-handle=2672 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 688 692 700 8192 696
C:\WINDOWS\System32\svchost.exe -k netsvcs -s Browser
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x4f4
"C:\Users\Petr\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Re: Request for a check
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe# /ua /installsource scheduler#
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c#
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15 163536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-20 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-09-05 1744688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-20 187968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-14 253344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-08-21 601168]
"OneDrive"=C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-25 1686736]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2016-04-22 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2016-04-22 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2016-04-22 356664]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2016-04-22 67896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMMON"=C:\Program Files (x86)\IM Magician\Vicamon.exe [2010-09-28 143360]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-17 3566904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2017-10-23 15:38:28 ----ASH---- C:\pagefile.sys
2017-10-22 10:11:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-10-22 09:46:32 ----D---- C:\ProgramData\SWCUTemp
2017-10-21 22:36:19 ----ASH---- C:\tmpgfile.sys
2017-10-21 21:58:12 ----D---- C:\$Windows.~BT
2017-10-21 21:57:46 ----HD---- C:\$SysReset
2017-10-21 21:51:05 ----ASH---- C:\hiberfil.sys
2017-10-19 10:16:06 ----D---- C:\WINDOWS\Minidump
2017-10-19 08:43:40 ----D---- C:\Users\Petr\AppData\Roaming\audacity
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2017-10-13 19:40:39 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-10-13 19:32:01 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-10-13 19:32:01 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-13 19:32:00 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-10-13 19:31:59 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-10-13 19:31:58 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-10-13 19:31:55 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2017-10-13 19:31:52 ----RA---- C:\WINDOWS\SYSWOW64\icuuc.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\cipher.exe
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\mgmtapi.dll
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2017-10-13 19:31:49 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-10-13 19:31:49 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-13 19:31:48 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-13 19:31:47 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-10-13 19:31:47 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-10-13 19:31:46 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\UserDataService.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\fveui.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\bdesvc.dll
2017-10-13 19:31:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-10-13 19:31:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2017-10-13 19:31:38 ----A---- C:\WINDOWS\system32\manage-bde.exe
2017-10-13 19:31:36 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-13 19:31:36 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-13 19:31:35 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-10-13 19:31:35 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-13 19:31:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\lsass.exe
2017-10-13 19:31:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-10-13 19:31:32 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-10-13 19:31:31 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-10-13 19:31:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-10-13 19:31:28 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\sspisrv.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\sspicli.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\fvewiz.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\fvecpl.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\wer.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-13 19:31:24 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-13 19:31:24 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-10-13 19:31:22 ----A---- C:\WINDOWS\system32\winresume.exe
2017-10-13 19:31:22 ----A---- C:\WINDOWS\system32\winload.exe
2017-10-13 19:31:21 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-10-13 19:31:21 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-10-13 19:31:19 ----A---- C:\WINDOWS\system32\eShims.dll
2017-10-13 19:31:19 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-13 19:31:18 ----A---- C:\WINDOWS\system32\wscsvc.dll
2017-10-13 19:31:18 ----A---- C:\WINDOWS\system32\rpchttp.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\wups.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\usocore.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\efscore.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\msftedit.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\msIso.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-10-13 19:31:13 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-13 19:31:13 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-10-13 19:31:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-13 19:31:10 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-13 19:31:10 ----A---- C:\WINDOWS\explorer.exe
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\quartz.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\user32.dll
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-13 19:31:04 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:31:03 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-10-13 19:31:02 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-10-13 19:31:00 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-10-13 19:30:59 ----A---- C:\WINDOWS\system32\fveapi.dll
2017-10-13 19:30:57 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-13 19:30:57 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2017-10-13 19:30:55 ----RA---- C:\WINDOWS\system32\icuuc.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\resutils.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\clusapi.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\advapi32.dll
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\fveapibase.dll
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\easinvoker.exe
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\usoapi.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\twinapi.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\webio.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\Robocopy.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\regsvc.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\efssvc.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\cipher.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-05 20:39:27 ----D---- C:\Users\Petr\AppData\Roaming\Solvusoft
2017-10-05 20:36:29 ----D---- C:\ProgramData\Solvusoft
======List of files/folders modified in the last 1 month======
2017-10-24 22:55:05 ----D---- C:\Program Files\trend micro
2017-10-24 22:54:23 ----D---- C:\WINDOWS\Temp
2017-10-24 22:53:06 ----D---- C:\WINDOWS\Prefetch
2017-10-24 22:36:46 ----D---- C:\WINDOWS\system32\drivers
2017-10-24 22:35:34 ----D---- C:\WINDOWS\system32\sru
2017-10-24 22:35:17 ----SHD---- C:\System Volume Information
2017-10-24 22:28:06 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-10-24 22:25:45 ----D---- C:\WINDOWS\System32
2017-10-24 22:25:43 ----D---- C:\WINDOWS
2017-10-23 16:08:26 ----RD---- C:\WINDOWS\Microsoft.NET
2017-10-23 15:42:32 ----D---- C:\WINDOWS\system32\SleepStudy
2017-10-23 15:39:37 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-10-22 10:29:23 ----D---- C:\WINDOWS\system32\config
2017-10-22 10:11:26 ----D---- C:\WINDOWS\system32\Tasks
2017-10-22 09:49:19 ----D---- C:\ProgramData\AVAST Software
2017-10-22 09:46:32 ----HD---- C:\ProgramData
2017-10-21 23:16:55 ----A---- C:\WINDOWS\SMSS-PFRO86b4.tmp
2017-10-21 23:12:17 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2017-10-21 23:07:06 ----D---- C:\WINDOWS\Logs
2017-10-21 23:07:00 ----SHD---- C:\Recovery
2017-10-21 14:53:03 ----SHD---- C:\WINDOWS\Installer
2017-10-21 14:52:07 ----D---- C:\WINDOWS\SysWOW64
2017-10-21 14:52:06 ----D---- C:\WINDOWS\Tasks
2017-10-21 14:52:06 ----D---- C:\WINDOWS\AppReadiness
2017-10-21 14:52:05 ----RD---- C:\Program Files (x86)\Skype
2017-10-21 14:52:05 ----RD---- C:\Program Files
2017-10-21 14:52:05 ----D---- C:\Program Files (x86)\Java
2017-10-21 14:52:05 ----AD---- C:\Program Files\Bonjour
2017-10-21 14:52:04 ----RD---- C:\Program Files (x86)
2017-10-21 14:52:04 ----D---- C:\Program Files (x86)\GreenTree Applications
2017-10-21 14:52:04 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 14:52:04 ----AD---- C:\Program Files (x86)\Bonjour
2017-10-21 14:48:23 ----D---- C:\WINDOWS\system32\wbem
2017-10-21 14:47:50 ----HD---- C:\Program Files\WindowsApps
2017-10-21 14:39:10 ----D---- C:\WINDOWS\registration
2017-10-21 14:38:53 ----D---- C:\ProgramData\Oracle
2017-10-21 13:00:07 ----D---- C:\WINDOWS\system32\WDI
2017-10-21 09:13:35 ----D---- C:\WINDOWS\system32\catroot2
2017-10-21 09:13:15 ----D---- C:\WINDOWS\CbsTemp
2017-10-21 09:12:04 ----D---- C:\WINDOWS\WinSxS
2017-10-20 22:03:15 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-10-20 21:31:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-20 21:11:31 ----D---- C:\AdwCleaner
2017-10-20 21:02:18 ----SHD---- C:\Config.Msi
2017-10-20 21:01:52 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-10-20 19:29:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-20 18:58:23 ----RD---- C:\WINDOWS\assembly
2017-10-20 18:24:41 ----D---- C:\Program Files (x86)\Dropbox
2017-10-19 11:47:13 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-19 11:45:53 ----AD---- C:\Program Files\Microsoft Office 15
2017-10-19 10:18:09 ----D---- C:\WINDOWS\LiveKernelReports
2017-10-19 08:37:56 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2017-10-17 21:09:07 ----D---- C:\WINDOWS\INF
2017-10-17 15:38:52 ----D---- C:\WINDOWS\system32\Macromed
2017-10-17 15:38:50 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-10-16 13:59:10 ----D---- C:\WINDOWS\system32\DriverStore
2017-10-15 06:36:34 ----D---- C:\WINDOWS\rescache
2017-10-15 06:24:14 ----A---- C:\WINDOWS\SMSS-PFRO789b.tmp
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\en-US
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\cs-CZ
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\Boot
2017-10-13 21:12:21 ----D---- C:\WINDOWS\ShellExperiences
2017-10-13 21:12:21 ----D---- C:\WINDOWS\Provisioning
2017-10-13 21:11:57 ----A---- C:\WINDOWS\SYSWOW64\msclmd.dll
2017-10-13 21:11:57 ----A---- C:\WINDOWS\system32\msclmd.dll
2017-10-13 21:09:39 ----AD---- C:\Program Files (x86)\TeamViewer
2017-10-13 19:45:05 ----D---- C:\WINDOWS\system32\MRT
2017-10-13 19:40:33 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-10-13 02:21:46 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-10-06 18:28:18 ----SD---- C:\ProgramData\Microsoft
2017-10-05 20:30:52 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-10-13 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-10-13 343288]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-10-13 57736]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-10-14 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-10-14 363440]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-10-13 321032]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-10-14 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-10-13 1020536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-10-14 587168]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 MpKsl0266b75c;MpKsl0266b75c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD472C52-2C47-4CCB-94BA-6B84668B6356}\MpKsl0266b75c.sys [2017-10-23 58120]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-08-02 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-08-02 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-08-02 62776]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-10-14 147776]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-10-14 201352]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 e1cexpress;@oem14.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 IntcDAud;@oem72.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RSUSBSTOR;@oem49.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-10-14 47008]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-10-16 16088]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-13 281416]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-01-24 2615368]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_4b01c;Uživatelská služba platformy připojených zařízení_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-09-05 3058416]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2017-10-17 51016]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 OneSyncSvc_4b01c;Hostitel synchronizace_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-10-13 7446024]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-17 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_4b01c;Tok zařízení_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-03 1030600]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_4b01c;Služba zasílání zpráv_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-03 159960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc_4b01c;Data kontaktů_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-03-18 302592]
S4 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-02-09 347200]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-20 194000]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
-----------------EOF-----------------
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c#
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15 163536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-20 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-09-05 1744688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-20 187968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-14 253344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-08-21 601168]
"OneDrive"=C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-25 1686736]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2016-04-22 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2016-04-22 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2016-04-22 356664]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2016-04-22 67896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMMON"=C:\Program Files (x86)\IM Magician\Vicamon.exe [2010-09-28 143360]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-17 3566904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2017-10-23 15:38:28 ----ASH---- C:\pagefile.sys
2017-10-22 10:11:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-10-22 09:46:32 ----D---- C:\ProgramData\SWCUTemp
2017-10-21 22:36:19 ----ASH---- C:\tmpgfile.sys
2017-10-21 21:58:12 ----D---- C:\$Windows.~BT
2017-10-21 21:57:46 ----HD---- C:\$SysReset
2017-10-21 21:51:05 ----ASH---- C:\hiberfil.sys
2017-10-19 10:16:06 ----D---- C:\WINDOWS\Minidump
2017-10-19 08:43:40 ----D---- C:\Users\Petr\AppData\Roaming\audacity
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2017-10-13 19:40:39 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-10-13 19:32:01 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-10-13 19:32:01 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-13 19:32:00 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-10-13 19:31:59 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-10-13 19:31:58 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-10-13 19:31:55 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2017-10-13 19:31:52 ----RA---- C:\WINDOWS\SYSWOW64\icuuc.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\cipher.exe
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\mgmtapi.dll
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2017-10-13 19:31:49 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-10-13 19:31:49 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-13 19:31:48 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-13 19:31:47 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-10-13 19:31:47 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-10-13 19:31:46 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\UserDataService.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\fveui.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\bdesvc.dll
2017-10-13 19:31:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-10-13 19:31:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2017-10-13 19:31:38 ----A---- C:\WINDOWS\system32\manage-bde.exe
2017-10-13 19:31:36 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-13 19:31:36 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-13 19:31:35 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-10-13 19:31:35 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-13 19:31:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\lsass.exe
2017-10-13 19:31:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-10-13 19:31:32 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-10-13 19:31:31 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-10-13 19:31:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-10-13 19:31:28 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\sspisrv.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\sspicli.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\fvewiz.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\fvecpl.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\wer.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-13 19:31:24 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-13 19:31:24 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-10-13 19:31:22 ----A---- C:\WINDOWS\system32\winresume.exe
2017-10-13 19:31:22 ----A---- C:\WINDOWS\system32\winload.exe
2017-10-13 19:31:21 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-10-13 19:31:21 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-10-13 19:31:19 ----A---- C:\WINDOWS\system32\eShims.dll
2017-10-13 19:31:19 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-13 19:31:18 ----A---- C:\WINDOWS\system32\wscsvc.dll
2017-10-13 19:31:18 ----A---- C:\WINDOWS\system32\rpchttp.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\wups.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\usocore.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\efscore.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\msftedit.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\msIso.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-10-13 19:31:13 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-13 19:31:13 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-10-13 19:31:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-13 19:31:10 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-13 19:31:10 ----A---- C:\WINDOWS\explorer.exe
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\quartz.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\user32.dll
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-13 19:31:04 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:31:03 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-10-13 19:31:02 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-10-13 19:31:00 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-10-13 19:30:59 ----A---- C:\WINDOWS\system32\fveapi.dll
2017-10-13 19:30:57 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-13 19:30:57 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2017-10-13 19:30:55 ----RA---- C:\WINDOWS\system32\icuuc.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\resutils.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\clusapi.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\advapi32.dll
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\fveapibase.dll
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\easinvoker.exe
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\usoapi.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\twinapi.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\webio.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\Robocopy.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\regsvc.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\efssvc.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\cipher.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-05 20:39:27 ----D---- C:\Users\Petr\AppData\Roaming\Solvusoft
2017-10-05 20:36:29 ----D---- C:\ProgramData\Solvusoft
======List of files/folders modified in the last 1 month======
2017-10-24 22:55:05 ----D---- C:\Program Files\trend micro
2017-10-24 22:54:23 ----D---- C:\WINDOWS\Temp
2017-10-24 22:53:06 ----D---- C:\WINDOWS\Prefetch
2017-10-24 22:36:46 ----D---- C:\WINDOWS\system32\drivers
2017-10-24 22:35:34 ----D---- C:\WINDOWS\system32\sru
2017-10-24 22:35:17 ----SHD---- C:\System Volume Information
2017-10-24 22:28:06 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-10-24 22:25:45 ----D---- C:\WINDOWS\System32
2017-10-24 22:25:43 ----D---- C:\WINDOWS
2017-10-23 16:08:26 ----RD---- C:\WINDOWS\Microsoft.NET
2017-10-23 15:42:32 ----D---- C:\WINDOWS\system32\SleepStudy
2017-10-23 15:39:37 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-10-22 10:29:23 ----D---- C:\WINDOWS\system32\config
2017-10-22 10:11:26 ----D---- C:\WINDOWS\system32\Tasks
2017-10-22 09:49:19 ----D---- C:\ProgramData\AVAST Software
2017-10-22 09:46:32 ----HD---- C:\ProgramData
2017-10-21 23:16:55 ----A---- C:\WINDOWS\SMSS-PFRO86b4.tmp
2017-10-21 23:12:17 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2017-10-21 23:07:06 ----D---- C:\WINDOWS\Logs
2017-10-21 23:07:00 ----SHD---- C:\Recovery
2017-10-21 14:53:03 ----SHD---- C:\WINDOWS\Installer
2017-10-21 14:52:07 ----D---- C:\WINDOWS\SysWOW64
2017-10-21 14:52:06 ----D---- C:\WINDOWS\Tasks
2017-10-21 14:52:06 ----D---- C:\WINDOWS\AppReadiness
2017-10-21 14:52:05 ----RD---- C:\Program Files (x86)\Skype
2017-10-21 14:52:05 ----RD---- C:\Program Files
2017-10-21 14:52:05 ----D---- C:\Program Files (x86)\Java
2017-10-21 14:52:05 ----AD---- C:\Program Files\Bonjour
2017-10-21 14:52:04 ----RD---- C:\Program Files (x86)
2017-10-21 14:52:04 ----D---- C:\Program Files (x86)\GreenTree Applications
2017-10-21 14:52:04 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 14:52:04 ----AD---- C:\Program Files (x86)\Bonjour
2017-10-21 14:48:23 ----D---- C:\WINDOWS\system32\wbem
2017-10-21 14:47:50 ----HD---- C:\Program Files\WindowsApps
2017-10-21 14:39:10 ----D---- C:\WINDOWS\registration
2017-10-21 14:38:53 ----D---- C:\ProgramData\Oracle
2017-10-21 13:00:07 ----D---- C:\WINDOWS\system32\WDI
2017-10-21 09:13:35 ----D---- C:\WINDOWS\system32\catroot2
2017-10-21 09:13:15 ----D---- C:\WINDOWS\CbsTemp
2017-10-21 09:12:04 ----D---- C:\WINDOWS\WinSxS
2017-10-20 22:03:15 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-10-20 21:31:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-20 21:11:31 ----D---- C:\AdwCleaner
2017-10-20 21:02:18 ----SHD---- C:\Config.Msi
2017-10-20 21:01:52 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-10-20 19:29:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-20 18:58:23 ----RD---- C:\WINDOWS\assembly
2017-10-20 18:24:41 ----D---- C:\Program Files (x86)\Dropbox
2017-10-19 11:47:13 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-19 11:45:53 ----AD---- C:\Program Files\Microsoft Office 15
2017-10-19 10:18:09 ----D---- C:\WINDOWS\LiveKernelReports
2017-10-19 08:37:56 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2017-10-17 21:09:07 ----D---- C:\WINDOWS\INF
2017-10-17 15:38:52 ----D---- C:\WINDOWS\system32\Macromed
2017-10-17 15:38:50 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-10-16 13:59:10 ----D---- C:\WINDOWS\system32\DriverStore
2017-10-15 06:36:34 ----D---- C:\WINDOWS\rescache
2017-10-15 06:24:14 ----A---- C:\WINDOWS\SMSS-PFRO789b.tmp
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\en-US
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\cs-CZ
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\Boot
2017-10-13 21:12:21 ----D---- C:\WINDOWS\ShellExperiences
2017-10-13 21:12:21 ----D---- C:\WINDOWS\Provisioning
2017-10-13 21:11:57 ----A---- C:\WINDOWS\SYSWOW64\msclmd.dll
2017-10-13 21:11:57 ----A---- C:\WINDOWS\system32\msclmd.dll
2017-10-13 21:09:39 ----AD---- C:\Program Files (x86)\TeamViewer
2017-10-13 19:45:05 ----D---- C:\WINDOWS\system32\MRT
2017-10-13 19:40:33 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-10-13 02:21:46 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-10-06 18:28:18 ----SD---- C:\ProgramData\Microsoft
2017-10-05 20:30:52 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-10-13 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-10-13 343288]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-10-13 57736]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-10-14 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-10-14 363440]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-10-13 321032]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-10-14 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-10-13 1020536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-10-14 587168]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 MpKsl0266b75c;MpKsl0266b75c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD472C52-2C47-4CCB-94BA-6B84668B6356}\MpKsl0266b75c.sys [2017-10-23 58120]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-08-02 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-08-02 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-08-02 62776]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-10-14 147776]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-10-14 201352]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 e1cexpress;@oem14.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 IntcDAud;@oem72.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RSUSBSTOR;@oem49.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-10-14 47008]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-10-16 16088]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-13 281416]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-01-24 2615368]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_4b01c;Uživatelská služba platformy připojených zařízení_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-09-05 3058416]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2017-10-17 51016]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 OneSyncSvc_4b01c;Hostitel synchronizace_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-10-13 7446024]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-17 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_4b01c;Tok zařízení_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-03 1030600]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_4b01c;Služba zasílání zpráv_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-03 159960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc_4b01c;Data kontaktů_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-03-18 302592]
S4 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-02-09 347200]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-20 194000]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
-----------------EOF-----------------
Re: Requesting a check
Hi,
Please post the FRST.txt and Addition.txt logs from the FRSTLauncher.exe application (Farbar Recovery Scan Tool). You can find the guide here: https://forum.viry.cz/viewtopic.php?f=13&t=152707
You can paste the contents of Additional.txt directly here in the thread.
Re: Requesting a check
I have a bit of a problem...
Under my profile, the computer stops responding immediately after login. According to Task Manager, disk activity is at 100% and memory usage is around 40%. After a while an explorer.exe error message appears, followed by a blue screen and a restart of the computer.
Under the second profile the computer works without problems.
Is it possible to run FRST under a different profile? Or will nothing show up there?
Nehas
Re: Requesting a check
You can try; if by chance not everything shows up, hopefully we will at least find what is loading the processes.
Re: Requesting a check
This time it worked without a crash, so I am sending the log from that unstable profile.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2017 01
Ran by Petr (administrator) on PECINI (25-10-2017 15:07:06)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & Helca & Guest)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dropbox, Inc.) C:\WINDOWS\System32\DbxSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\WINDOWS\System32\DataExchangeHost.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-14] (AVAST Software)
HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3566904 2017-10-17] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [Google Update] => C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-08-21] (Google Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [570880 2017-07-11] (Microsoft Corporation)
CHR HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.92.0.5 10.92.0.1
Tcpip\..\Interfaces\{a79d757c-dded-4c37-a8cf-2f7bf90433fe}: [DhcpNameServer] 10.92.0.5 10.92.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001 -> {92C055F5-CB0B-4329-8D59-82C54FAEE6FF} URL =
SearchScopes: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001 -> {C4E01640-2E2E-4150-B191-B248E9DA0090} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-20] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-20] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} hxxp://89.203.138.111:8080/IPCamPluginTM.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kyz391a5.default-1508529397810 [not found] <==== ATTENTION
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3697592394-1657936854-2325889698-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Petr\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3697592394-1657936854-2325889698-1001: @talk.google.com/O1DPlugin -> C:\Users\Petr\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3697592394-1657936854-2325889698-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-3697592394-1657936854-2325889698-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Petr\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Petr\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2017-10-25]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-19]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-21]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-03-16]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-19]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-20]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-08-21]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-06]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-20]
CHR HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-13] (AVAST Software)
S3 Browser; C:\WINDOWS\System32\browser.dll [133120 2017-03-18] (Microsoft Corporation) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-01-24] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-24] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-10-17] (Dropbox, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2013-04-03] (Macrovision Europe Ltd.) [File not signed]
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-14] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-14] (AVAST Software)
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [498032 2012-07-12] (Intel Corporation)
U5 ggsomc; C:\Windows\System32\Drivers\ggsomc.sys [30424 2014-10-16] (Sony Mobile Communications)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error(1) reading file: "C:\WINDOWS\SysWOW64\ntvdm64.dll"
2017-10-25 15:07 - 2017-10-25 15:07 - 000020629 _____ C:\Users\Petr\Desktop\FRST.txt
2017-10-25 15:07 - 2017-10-25 15:07 - 000000000 ____D C:\FRST
2017-10-25 15:06 - 2017-10-25 15:06 - 000112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2017-10-25 14:51 - 2017-10-25 14:51 - 000445972 _____ C:\WINDOWS\Minidump\102517-48343-01.dmp
2017-10-25 14:47 - 2017-10-25 14:47 - 000448500 _____ C:\WINDOWS\Minidump\102517-23953-01.dmp
2017-10-25 11:41 - 2017-10-25 11:41 - 000378092 _____ C:\WINDOWS\Minidump\102517-28484-01.dmp
2017-10-25 11:34 - 2017-10-25 11:35 - 000433460 _____ C:\WINDOWS\Minidump\102517-31640-02.dmp
2017-10-25 11:23 - 2017-10-25 11:23 - 000421236 _____ C:\WINDOWS\Minidump\102517-29390-01.dmp
2017-10-25 11:22 - 2017-10-25 11:22 - 000000000 __SHD C:\found.000
2017-10-25 11:16 - 2017-10-25 11:17 - 000433604 _____ C:\WINDOWS\Minidump\102517-31640-01.dmp
2017-10-25 07:10 - 2017-10-25 07:10 - 000433724 _____ C:\WINDOWS\Minidump\102517-35140-01.dmp
2017-10-24 23:06 - 2017-10-24 23:06 - 008250832 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner_7.0.3.1 (1).exe
2017-10-24 22:54 - 2017-10-24 22:54 - 001222144 _____ C:\Users\Petr\Desktop\RSITx64.exe
2017-10-24 22:49 - 2017-10-24 22:49 - 002403328 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2017-10-24 22:25 - 2017-10-24 22:26 - 000433596 _____ C:\WINDOWS\Minidump\102417-21203-01.dmp
2017-10-23 15:18 - 2017-10-23 15:18 - 000440140 _____ C:\WINDOWS\Minidump\102317-20406-01.dmp
2017-10-22 13:54 - 2017-10-22 13:55 - 000433508 _____ C:\WINDOWS\Minidump\102217-35781-01.dmp
2017-10-22 10:11 - 2017-10-14 06:16 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-10-22 09:49 - 2017-10-22 09:49 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys.150865855217102.150865988803102
2017-10-22 09:47 - 2017-10-22 09:47 - 007161304 _____ (AVAST Software) C:\Users\Petr\Downloads\avast_free_antivirus_setup_online.exe
2017-10-22 09:46 - 2017-10-22 09:46 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-21 23:21 - 2017-10-21 23:21 - 000432132 _____ C:\WINDOWS\Minidump\102117-37000-01.dmp
2017-10-21 23:20 - 2017-10-21 23:20 - 000360700 _____ C:\WINDOWS\Minidump\102117-38343-01.dmp
2017-10-21 23:11 - 2017-10-21 23:12 - 000430508 _____ C:\WINDOWS\Minidump\102117-26781-01.dmp
2017-10-21 22:36 - 2017-10-21 22:36 - 008388608 ___SH C:\tmpgfile.sys
2017-10-21 22:09 - 2017-10-21 22:09 - 000000000 _____ C:\WINDOWS\Minidump\102117-36875-01.dmp
2017-10-21 22:08 - 2017-10-21 22:08 - 000000000 _____ C:\WINDOWS\Minidump\102117-34578-01.dmp
2017-10-21 21:58 - 2017-10-21 22:33 - 000000000 ____D C:\$Windows.~BT
2017-10-21 21:57 - 2017-10-21 22:37 - 000000000 ___HD C:\$SysReset
2017-10-21 20:11 - 2017-10-21 20:11 - 000000000 _____ C:\WINDOWS\Minidump\102117-30187-01.dmp
2017-10-21 19:38 - 2017-10-21 19:39 - 000343772 _____ C:\WINDOWS\Minidump\102117-19156-01.dmp
2017-10-21 19:37 - 2017-10-21 19:37 - 000000000 _____ C:\WINDOWS\Minidump\102117-14703-01.dmp
2017-10-21 12:52 - 2017-10-21 12:52 - 000313372 _____ C:\WINDOWS\Minidump\102117-37515-01.dmp
2017-10-21 10:40 - 2017-10-21 10:40 - 000433724 _____ C:\WINDOWS\Minidump\102117-15625-01.dmp
2017-10-20 21:23 - 2017-10-20 21:23 - 000313556 _____ C:\WINDOWS\Minidump\102017-29328-01.dmp
2017-10-20 21:11 - 2017-10-20 21:11 - 008250832 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner_7.0.3.1.exe
2017-10-20 19:29 - 2017-10-20 19:29 - 000433748 _____ C:\WINDOWS\Minidump\102017-19921-01.dmp
2017-10-20 18:52 - 2017-10-22 09:46 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2017-10-20 18:22 - 2017-10-20 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-19 10:16 - 2017-10-25 14:51 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-19 10:16 - 2017-10-19 10:16 - 000356964 _____ C:\WINDOWS\Minidump\101917-21312-01.dmp
2017-10-19 08:47 - 2017-10-19 08:48 - 002209528 _____ C:\Users\Petr\Downloads\VirtualDub-1.10.4-AMD64.zip
2017-10-19 08:43 - 2017-10-19 08:58 - 000000000 ____D C:\Users\Petr\AppData\Roaming\audacity
2017-10-19 08:43 - 2017-10-19 08:43 - 000000000 ____D C:\Users\Petr\AppData\Local\Audacity
2017-10-19 08:42 - 2017-10-19 08:42 - 027113272 _____ (Audacity Team ) C:\Users\Petr\Downloads\audacity-win-2.1.3.exe
2017-10-17 17:48 - 2017-10-17 17:48 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-10-17 17:48 - 2017-10-17 17:48 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-10-17 17:48 - 2017-10-17 17:48 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-10-17 17:48 - 2017-10-17 17:48 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-10-13 19:40 - 2017-10-13 19:40 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-13 19:32 - 2017-09-30 04:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-13 19:32 - 2017-09-30 04:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-13 19:32 - 2017-09-30 04:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-13 19:32 - 2017-09-30 04:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-13 19:32 - 2017-09-30 04:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-13 19:32 - 2017-09-30 04:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-13 19:32 - 2017-09-30 04:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-13 19:32 - 2017-09-30 04:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-13 19:32 - 2017-09-30 04:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-13 19:32 - 2017-09-30 04:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-13 19:32 - 2017-09-30 04:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-13 19:32 - 2017-09-30 04:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-13 19:32 - 2017-09-30 04:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-13 19:32 - 2017-09-30 04:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-13 19:32 - 2017-09-30 04:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-13 19:32 - 2017-09-30 04:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-13 19:32 - 2017-09-30 04:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-13 19:32 - 2017-09-30 04:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:32 - 2017-09-29 09:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-13 19:32 - 2017-09-29 09:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-13 19:32 - 2017-09-29 09:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-13 19:32 - 2017-09-29 09:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-13 19:32 - 2017-09-29 09:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-13 19:32 - 2017-09-29 09:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-13 19:32 - 2017-09-29 09:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-13 19:32 - 2017-09-29 09:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-13 19:32 - 2017-09-29 09:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-13 19:32 - 2017-09-29 09:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-13 19:32 - 2017-09-29 09:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-13 19:32 - 2017-09-29 09:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-13 19:32 - 2017-09-29 09:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-13 19:32 - 2017-09-29 09:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-13 19:32 - 2017-09-29 09:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-13 19:32 - 2017-09-29 09:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-13 19:31 - 2017-09-30 07:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-13 19:31 - 2017-09-30 07:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-13 19:31 - 2017-09-30 07:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-13 19:31 - 2017-09-30 07:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-13 19:31 - 2017-09-30 07:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-13 19:31 - 2017-09-30 07:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-13 19:31 - 2017-09-30 07:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-13 19:31 - 2017-09-30 07:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-13 19:31 - 2017-09-30 07:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-13 19:31 - 2017-09-30 07:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-13 19:31 - 2017-09-30 07:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-13 19:31 - 2017-09-30 07:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-13 19:31 - 2017-09-30 07:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-13 19:31 - 2017-09-30 07:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-13 19:31 - 2017-09-30 07:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-13 19:31 - 2017-09-30 07:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-13 19:31 - 2017-09-30 07:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-13 19:31 - 2017-09-30 07:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-13 19:31 - 2017-09-30 07:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-13 19:31 - 2017-09-30 07:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-13 19:31 - 2017-09-30 07:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-13 19:31 - 2017-09-30 07:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-13 19:31 - 2017-09-30 07:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-13 19:31 - 2017-09-30 07:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-13 19:31 - 2017-09-30 07:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-13 19:31 - 2017-09-30 07:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-13 19:31 - 2017-09-30 07:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-13 19:31 - 2017-09-30 07:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-13 19:31 - 2017-09-30 07:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-13 19:31 - 2017-09-30 07:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-13 19:31 - 2017-09-30 07:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-13 19:31 - 2017-09-30 07:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-13 19:31 - 2017-09-30 07:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:31 - 2017-09-30 07:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-13 19:31 - 2017-09-30 07:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-13 19:31 - 2017-09-30 07:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-13 19:31 - 2017-09-30 04:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-13 19:31 - 2017-09-30 04:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-13 19:31 - 2017-09-30 04:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-13 19:31 - 2017-09-30 04:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-13 19:31 - 2017-09-30 04:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31 - 2017-09-30 04:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-13 19:31 - 2017-09-30 04:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-13 19:31 - 2017-09-30 04:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-13 19:31 - 2017-09-30 04:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-13 19:31 - 2017-09-30 04:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-13 19:31 - 2017-09-29 09:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-13 19:31 - 2017-09-29 09:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-13 19:31 - 2017-09-29 09:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-13 19:31 - 2017-09-29 09:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-13 19:31 - 2017-09-29 09:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-13 19:31 - 2017-09-29 09:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-13 19:31 - 2017-09-29 09:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-13 19:31 - 2017-09-29 09:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-13 19:31 - 2017-09-29 09:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-13 19:31 - 2017-09-29 09:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-13 19:31 - 2017-09-29 09:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-13 19:31 - 2017-09-29 09:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-13 19:31 - 2017-09-29 09:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-13 19:31 - 2017-09-29 09:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-13 19:31 - 2017-09-29 09:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-13 19:31 - 2017-09-29 09:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-13 19:31 - 2017-09-29 09:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-13 19:31 - 2017-09-29 09:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-13 19:31 - 2017-09-29 09:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-13 19:31 - 2017-09-29 09:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-13 19:31 - 2017-09-29 09:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-13 19:31 - 2017-09-29 09:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-13 19:31 - 2017-09-29 09:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-13 19:31 - 2017-09-29 09:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-13 19:31 - 2017-09-29 09:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-13 19:31 - 2017-09-29 09:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-13 19:31 - 2017-09-29 09:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-13 19:31 - 2017-09-29 09:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-13 19:31 - 2017-09-29 09:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-13 19:31 - 2017-09-29 09:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-13 19:31 - 2017-09-29 09:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-13 19:31 - 2017-09-29 09:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-13 19:31 - 2017-09-29 09:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-13 19:31 - 2017-09-29 09:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-13 19:31 - 2017-09-29 09:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-13 19:31 - 2017-09-29 09:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-13 19:31 - 2017-09-29 09:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-13 19:31 - 2017-09-29 09:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-13 19:31 - 2017-09-29 09:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-13 19:31 - 2017-09-29 09:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-13 19:31 - 2017-09-29 09:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-13 19:31 - 2017-09-29 09:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-13 19:31 - 2017-09-29 09:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-13 19:31 - 2017-09-29 09:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-13 19:31 - 2017-09-29 09:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-13 19:31 - 2017-09-29 09:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-13 19:31 - 2017-09-29 09:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-13 19:31 - 2017-09-29 09:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-13 19:31 - 2017-09-29 09:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-13 19:31 - 2017-09-29 09:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-13 19:31 - 2017-09-29 09:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-13 19:31 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-13 19:31 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-13 19:31 - 2017-09-20 17:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-13 19:31 - 2017-09-20 17:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-13 19:31 - 2017-09-20 17:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-13 19:31 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-13 19:31 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-13 19:31 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-13 19:31 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-13 19:31 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-13 19:31 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-13 19:31 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-13 19:31 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-13 19:31 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-13 19:31 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-13 19:31 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-13 19:31 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-13 19:30 - 2017-09-30 07:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-13 19:30 - 2017-09-30 07:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-13 19:30 - 2017-09-30 07:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-13 19:30 - 2017-09-30 07:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-13 19:30 - 2017-09-30 07:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-13 19:30 - 2017-09-29 09:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-13 19:30 - 2017-09-29 09:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-13 19:30 - 2017-09-29 09:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-13 19:30 - 2017-09-29 09:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-13 19:30 - 2017-09-29 09:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-13 19:30 - 2017-09-29 09:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-13 19:30 - 2017-09-29 09:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-13 19:30 - 2017-09-29 09:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-13 19:30 - 2017-09-29 09:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-13 19:30 - 2017-09-29 09:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-13 19:30 - 2017-09-29 09:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-13 19:30 - 2017-09-29 09:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-13 19:30 - 2017-09-29 09:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-13 19:30 - 2017-09-29 09:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-13 19:30 - 2017-09-29 09:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-13 19:30 - 2017-09-29 09:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-13 19:30 - 2017-09-29 09:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-13 19:30 - 2017-09-29 09:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-13 19:30 - 2017-09-29 09:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-13 19:30 - 2017-09-29 09:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-13 19:30 - 2017-09-29 09:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-13 19:30 - 2017-09-29 09:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-13 19:30 - 2017-09-29 09:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-13 19:30 - 2017-09-29 09:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-13 19:30 - 2017-09-29 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-13 19:30 - 2017-09-29 09:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-13 19:30 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-13 19:30 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-05 20:39 - 2017-10-05 20:39 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Solvusoft
2017-10-05 20:36 - 2017-10-05 20:47 - 000000000 ____D C:\Users\Petr\AppData\Local\IIIQF
2017-10-05 20:36 - 2017-10-05 20:39 - 000000000 ____D C:\ProgramData\Solvusoft
2017-10-05 20:36 - 2017-10-05 20:36 - 008932000 _____ (Solvusoft Corporation ) C:\Users\Petr\Downloads\Setup_WinThruster_2016.exe
2017-10-05 19:14 - 2017-10-05 19:18 - 000000000 ____D C:\Users\Petr\AppData\Local\TempTaskUpdateDetection39DB6DD9-AE43-4268-AF36-3EE5C71C70F3
2017-10-01 19:45 - 2017-10-21 13:12 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3697592394-1657936854-2325889698-1002
2017-09-27 19:35 - 2017-09-27 19:35 - 000000000 ____D C:\Users\Helca\AppData\Local\DBG
2017-09-27 19:33 - 2017-09-27 19:33 - 000000020 ___SH C:\Users\Helca\ntuser.ini
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-25 14:51 - 2017-08-17 09:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-25 14:51 - 2017-03-09 20:46 - 641100410 _____ C:\WINDOWS\MEMORY.DMP
2017-10-25 13:51 - 2017-08-17 09:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-25 12:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-25 11:52 - 2013-12-22 17:54 - 000000000 ____D C:\Users\Helca\AppData\Roaming\Seznam.cz
2017-10-25 11:47 - 2013-03-02 10:09 - 000000000 ____D C:\Users\Helca\AppData\Local\Packages
2017-10-25 11:40 - 2017-03-18 13:40 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2017-10-25 07:26 - 2014-01-02 13:31 - 000007597 _____ C:\Users\Petr\AppData\Local\resmon.resmoncfg
2017-10-25 07:22 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-24 23:06 - 2015-02-01 10:08 - 000000000 ____D C:\AdwCleaner
2017-10-24 22:55 - 2013-08-03 09:58 - 000000000 ____D C:\Program Files\trend micro
2017-10-23 16:12 - 2017-08-17 09:26 - 000000000 ____D C:\Users\Helca
2017-10-23 16:12 - 2017-08-17 09:26 - 000000000 ____D C:\Users\Guest
2017-10-23 15:39 - 2014-03-25 23:35 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-10-23 15:34 - 2017-03-09 22:07 - 000186522 ____N C:\WINDOWS\Minidump\102317-292437-01.dmp
2017-10-23 15:19 - 2017-08-17 09:26 - 000000000 ____D C:\Users\Petr
2017-10-22 10:11 - 2017-08-17 09:49 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-22 10:11 - 2017-07-14 14:44 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-10-22 10:11 - 2017-01-12 18:45 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-10-22 10:11 - 2014-11-21 23:31 - 000001971 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-10-22 09:51 - 2017-08-17 09:49 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C827C728-317A-4E6A-AE87-388480E0C7F0}
2017-10-22 09:49 - 2013-05-09 08:56 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-21 23:16 - 2017-07-14 14:44 - 000061304 _____ () C:\WINDOWS\SMSS-PFRO86b4.tmp
2017-10-21 14:52 - 2017-07-29 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2017-10-21 14:52 - 2017-07-29 12:59 - 000000000 ____D C:\Program Files (x86)\GreenTree Applications
2017-10-21 14:52 - 2017-03-16 19:08 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-10-21 14:52 - 2017-03-16 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-10-21 14:52 - 2016-01-19 10:13 - 000000000 ____D C:\Program Files\Bonjour
2017-10-21 14:52 - 2016-01-19 10:13 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-10-21 14:52 - 2015-09-30 09:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-21 14:52 - 2015-09-30 09:14 - 000000000 ____D C:\Program Files (x86)\Java
2017-10-21 14:52 - 2014-01-30 00:19 - 000000000 ____D C:\Users\Helca\AppData\Local\Skype
2017-10-21 14:39 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\registration
2017-10-21 14:38 - 2015-09-30 09:14 - 000000000 ____D C:\ProgramData\Oracle
2017-10-21 13:23 - 2014-01-29 23:25 - 000000000 __RDO C:\Users\Helca\SkyDrive
2017-10-21 13:12 - 2015-11-25 22:06 - 000002431 _____ C:\Users\Helca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-21 13:11 - 2012-10-05 23:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-21 09:13 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-20 22:03 - 2016-08-25 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-20 21:56 - 2016-11-21 09:59 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2017-10-20 21:40 - 2016-01-19 10:37 - 000000000 ___RD C:\Users\Petr\iCloudDrive
2017-10-20 21:31 - 2017-08-17 09:46 - 001974072 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-20 21:31 - 2017-03-20 06:43 - 000851278 _____ C:\WINDOWS\system32\perfh005.dat
2017-10-20 21:31 - 2017-03-20 06:43 - 000181040 _____ C:\WINDOWS\system32\perfc005.dat
2017-10-20 21:01 - 2015-09-30 09:15 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-10-20 21:01 - 2014-12-12 20:59 - 000001147 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-10-20 19:29 - 2013-08-03 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-20 19:04 - 2017-08-17 09:49 - 000003484 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2017-10-20 18:24 - 2016-02-24 17:48 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-19 11:47 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-19 11:45 - 2015-02-01 20:36 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-10-19 10:18 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-19 08:50 - 2013-03-11 13:37 - 000000000 ____D C:\Users\Petr\AppData\Local\Bandizip
2017-10-19 08:37 - 2013-05-25 21:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2017-10-17 21:09 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-17 15:38 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-17 15:38 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-15 06:36 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-15 06:24 - 2017-07-14 14:44 - 000061304 _____ () C:\WINDOWS\SMSS-PFRO789b.tmp
2017-10-14 06:16 - 2014-04-29 14:20 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-10-14 06:16 - 2013-12-18 09:46 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-10-13 21:17 - 2017-03-16 01:22 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-10-13 21:17 - 2017-03-16 01:22 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-10-13 21:17 - 2017-03-16 01:22 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-10-13 21:17 - 2017-03-16 01:22 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-10-13 21:17 - 2013-05-09 08:59 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-10-13 21:14 - 2017-08-17 09:23 - 000518856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-13 21:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-13 21:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-13 21:11 - 2017-03-18 23:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-13 21:11 - 2017-03-18 23:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-13 21:09 - 2014-05-20 12:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-13 19:45 - 2013-08-07 12:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-13 19:40 - 2013-03-01 12:17 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-13 02:21 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 02:21 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-05 20:57 - 2017-04-03 20:20 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-10-05 20:57 - 2017-04-03 20:20 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-10-05 20:30 - 2016-06-04 21:24 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\uTorrent
2017-10-05 20:30 - 2013-12-17 11:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2017-10-05 20:05 - 2013-03-04 11:09 - 000000000 ____D C:\Users\Petr\AppData\Local\Google
2017-09-27 20:19 - 2016-11-26 15:57 - 000000000 ____D C:\Users\Helca\AppData\LocalLow\Mozilla
2017-09-27 19:35 - 2016-09-16 15:06 - 000000000 ____D C:\Users\Helca\AppData\Local\ConnectedDevicesPlatform
2017-09-27 07:06 - 2014-02-10 09:24 - 000002508 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-27 07:06 - 2014-02-10 09:24 - 000002500 _____ C:\Users\Petr\Desktop\Google Chrome.lnk
2017-09-25 10:25 - 2017-08-17 10:29 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3697592394-1657936854-2325889698-1001
2017-09-25 10:25 - 2015-11-18 10:46 - 000002428 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-25 10:25 - 2014-01-02 13:02 - 000000000 __RDO C:\Users\Petr\SkyDrive
==================== Files in the root of some directories =======
2014-11-09 22:56 - 2014-11-09 22:56 - 000000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2013-12-25 15:26 - 2013-12-25 15:27 - 000004608 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-26 18:20 - 2016-06-19 21:39 - 000000600 _____ () C:\Users\Petr\AppData\Local\PUTTY.RND
2014-12-09 22:15 - 2014-12-09 22:15 - 000009014 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2014-01-02 13:31 - 2017-10-25 07:26 - 000007597 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2017-10-19 08:49 - 2017-10-19 08:50 - 005285384 _____ (Bandisoft) C:\Users\Petr\AppData\Local\Temp\BANDIZIP-SETUP.EXE
2016-10-19 17:11 - 2016-10-19 17:11 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Petr\AppData\Local\Temp\libeay32.dll
2016-10-19 17:11 - 2016-10-19 17:11 - 000970912 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\msvcr120.dll
2016-10-19 17:11 - 2016-10-19 17:11 - 000772672 _____ () C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-20 21:35
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Acer) (Fixed) (Total:453.26 GB) (Free:293.86 GB) NTFS
Drive d: (DATA) (Fixed) (Total:454.61 GB) (Free:57.44 GB) NTFS
Available physical RAM: 2100.35 MB
Total physical RAM: 3963.09 MB
Percentage of memory in use: 47%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8CB33117)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petr\Desktop" je 1689 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2017 01
Ran by Petr (administrator) on PECINI (25-10-2017 15:07:06)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & Helca & Guest)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dropbox, Inc.) C:\WINDOWS\System32\DbxSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\WINDOWS\System32\DataExchangeHost.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-14] (AVAST Software)
HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3566904 2017-10-17] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [Google Update] => C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-08-21] (Google Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [570880 2017-07-11] (Microsoft Corporation)
CHR HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.92.0.5 10.92.0.1
Tcpip\..\Interfaces\{a79d757c-dded-4c37-a8cf-2f7bf90433fe}: [DhcpNameServer] 10.92.0.5 10.92.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001 -> {92C055F5-CB0B-4329-8D59-82C54FAEE6FF} URL =
SearchScopes: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001 -> {C4E01640-2E2E-4150-B191-B248E9DA0090} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-20] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-20] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} hxxp://89.203.138.111:8080/IPCamPluginTM.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kyz391a5.default-1508529397810 [not found] <==== ATTENTION
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3697592394-1657936854-2325889698-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Petr\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3697592394-1657936854-2325889698-1001: @talk.google.com/O1DPlugin -> C:\Users\Petr\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3697592394-1657936854-2325889698-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-3697592394-1657936854-2325889698-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Petr\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Petr\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2017-10-25]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-19]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-21]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-03-16]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-19]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-20]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-08-21]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-06]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-20]
CHR HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-13] (AVAST Software)
S3 Browser; C:\WINDOWS\System32\browser.dll [133120 2017-03-18] (Microsoft Corporation) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-01-24] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-24] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-10-17] (Dropbox, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2013-04-03] (Macrovision Europe Ltd.) [File not signed]
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-14] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-14] (AVAST Software)
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [498032 2012-07-12] (Intel Corporation)
U5 ggsomc; C:\Windows\System32\Drivers\ggsomc.sys [30424 2014-10-16] (Sony Mobile Communications)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error(1) reading file: "C:\WINDOWS\SysWOW64\ntvdm64.dll"
2017-10-25 15:07 - 2017-10-25 15:07 - 000020629 _____ C:\Users\Petr\Desktop\FRST.txt
2017-10-25 15:07 - 2017-10-25 15:07 - 000000000 ____D C:\FRST
2017-10-25 15:06 - 2017-10-25 15:06 - 000112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2017-10-25 14:51 - 2017-10-25 14:51 - 000445972 _____ C:\WINDOWS\Minidump\102517-48343-01.dmp
2017-10-25 14:47 - 2017-10-25 14:47 - 000448500 _____ C:\WINDOWS\Minidump\102517-23953-01.dmp
2017-10-25 11:41 - 2017-10-25 11:41 - 000378092 _____ C:\WINDOWS\Minidump\102517-28484-01.dmp
2017-10-25 11:34 - 2017-10-25 11:35 - 000433460 _____ C:\WINDOWS\Minidump\102517-31640-02.dmp
2017-10-25 11:23 - 2017-10-25 11:23 - 000421236 _____ C:\WINDOWS\Minidump\102517-29390-01.dmp
2017-10-25 11:22 - 2017-10-25 11:22 - 000000000 __SHD C:\found.000
2017-10-25 11:16 - 2017-10-25 11:17 - 000433604 _____ C:\WINDOWS\Minidump\102517-31640-01.dmp
2017-10-25 07:10 - 2017-10-25 07:10 - 000433724 _____ C:\WINDOWS\Minidump\102517-35140-01.dmp
2017-10-24 23:06 - 2017-10-24 23:06 - 008250832 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner_7.0.3.1 (1).exe
2017-10-24 22:54 - 2017-10-24 22:54 - 001222144 _____ C:\Users\Petr\Desktop\RSITx64.exe
2017-10-24 22:49 - 2017-10-24 22:49 - 002403328 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2017-10-24 22:25 - 2017-10-24 22:26 - 000433596 _____ C:\WINDOWS\Minidump\102417-21203-01.dmp
2017-10-23 15:18 - 2017-10-23 15:18 - 000440140 _____ C:\WINDOWS\Minidump\102317-20406-01.dmp
2017-10-22 13:54 - 2017-10-22 13:55 - 000433508 _____ C:\WINDOWS\Minidump\102217-35781-01.dmp
2017-10-22 10:11 - 2017-10-14 06:16 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-10-22 09:49 - 2017-10-22 09:49 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys.150865855217102.150865988803102
2017-10-22 09:47 - 2017-10-22 09:47 - 007161304 _____ (AVAST Software) C:\Users\Petr\Downloads\avast_free_antivirus_setup_online.exe
2017-10-22 09:46 - 2017-10-22 09:46 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-21 23:21 - 2017-10-21 23:21 - 000432132 _____ C:\WINDOWS\Minidump\102117-37000-01.dmp
2017-10-21 23:20 - 2017-10-21 23:20 - 000360700 _____ C:\WINDOWS\Minidump\102117-38343-01.dmp
2017-10-21 23:11 - 2017-10-21 23:12 - 000430508 _____ C:\WINDOWS\Minidump\102117-26781-01.dmp
2017-10-21 22:36 - 2017-10-21 22:36 - 008388608 ___SH C:\tmpgfile.sys
2017-10-21 22:09 - 2017-10-21 22:09 - 000000000 _____ C:\WINDOWS\Minidump\102117-36875-01.dmp
2017-10-21 22:08 - 2017-10-21 22:08 - 000000000 _____ C:\WINDOWS\Minidump\102117-34578-01.dmp
2017-10-21 21:58 - 2017-10-21 22:33 - 000000000 ____D C:\$Windows.~BT
2017-10-21 21:57 - 2017-10-21 22:37 - 000000000 ___HD C:\$SysReset
2017-10-21 20:11 - 2017-10-21 20:11 - 000000000 _____ C:\WINDOWS\Minidump\102117-30187-01.dmp
2017-10-21 19:38 - 2017-10-21 19:39 - 000343772 _____ C:\WINDOWS\Minidump\102117-19156-01.dmp
2017-10-21 19:37 - 2017-10-21 19:37 - 000000000 _____ C:\WINDOWS\Minidump\102117-14703-01.dmp
2017-10-21 12:52 - 2017-10-21 12:52 - 000313372 _____ C:\WINDOWS\Minidump\102117-37515-01.dmp
2017-10-21 10:40 - 2017-10-21 10:40 - 000433724 _____ C:\WINDOWS\Minidump\102117-15625-01.dmp
2017-10-20 21:23 - 2017-10-20 21:23 - 000313556 _____ C:\WINDOWS\Minidump\102017-29328-01.dmp
2017-10-20 21:11 - 2017-10-20 21:11 - 008250832 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner_7.0.3.1.exe
2017-10-20 19:29 - 2017-10-20 19:29 - 000433748 _____ C:\WINDOWS\Minidump\102017-19921-01.dmp
2017-10-20 18:52 - 2017-10-22 09:46 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2017-10-20 18:22 - 2017-10-20 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-19 10:16 - 2017-10-25 14:51 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-19 10:16 - 2017-10-19 10:16 - 000356964 _____ C:\WINDOWS\Minidump\101917-21312-01.dmp
2017-10-19 08:47 - 2017-10-19 08:48 - 002209528 _____ C:\Users\Petr\Downloads\VirtualDub-1.10.4-AMD64.zip
2017-10-19 08:43 - 2017-10-19 08:58 - 000000000 ____D C:\Users\Petr\AppData\Roaming\audacity
2017-10-19 08:43 - 2017-10-19 08:43 - 000000000 ____D C:\Users\Petr\AppData\Local\Audacity
2017-10-19 08:42 - 2017-10-19 08:42 - 027113272 _____ (Audacity Team ) C:\Users\Petr\Downloads\audacity-win-2.1.3.exe
2017-10-17 17:48 - 2017-10-17 17:48 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-10-17 17:48 - 2017-10-17 17:48 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-10-17 17:48 - 2017-10-17 17:48 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-10-17 17:48 - 2017-10-17 17:48 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-10-13 19:40 - 2017-10-13 19:40 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-13 19:32 - 2017-09-30 04:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-13 19:32 - 2017-09-30 04:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-13 19:32 - 2017-09-30 04:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-13 19:32 - 2017-09-30 04:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-13 19:32 - 2017-09-30 04:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-13 19:32 - 2017-09-30 04:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-13 19:32 - 2017-09-30 04:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-13 19:32 - 2017-09-30 04:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-13 19:32 - 2017-09-30 04:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-13 19:32 - 2017-09-30 04:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-13 19:32 - 2017-09-30 04:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-13 19:32 - 2017-09-30 04:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-13 19:32 - 2017-09-30 04:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-13 19:32 - 2017-09-30 04:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-13 19:32 - 2017-09-30 04:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-13 19:32 - 2017-09-30 04:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-13 19:32 - 2017-09-30 04:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-13 19:32 - 2017-09-30 04:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:32 - 2017-09-29 09:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-13 19:32 - 2017-09-29 09:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-13 19:32 - 2017-09-29 09:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-13 19:32 - 2017-09-29 09:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-13 19:32 - 2017-09-29 09:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-13 19:32 - 2017-09-29 09:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-13 19:32 - 2017-09-29 09:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-13 19:32 - 2017-09-29 09:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-13 19:32 - 2017-09-29 09:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-13 19:32 - 2017-09-29 09:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-13 19:32 - 2017-09-29 09:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-13 19:32 - 2017-09-29 09:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-13 19:32 - 2017-09-29 09:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-13 19:32 - 2017-09-29 09:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-13 19:32 - 2017-09-29 09:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-13 19:32 - 2017-09-29 09:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-13 19:31 - 2017-09-30 07:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-13 19:31 - 2017-09-30 07:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-13 19:31 - 2017-09-30 07:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-13 19:31 - 2017-09-30 07:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-13 19:31 - 2017-09-30 07:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-13 19:31 - 2017-09-30 07:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-13 19:31 - 2017-09-30 07:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-13 19:31 - 2017-09-30 07:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-13 19:31 - 2017-09-30 07:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-13 19:31 - 2017-09-30 07:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-13 19:31 - 2017-09-30 07:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-13 19:31 - 2017-09-30 07:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-13 19:31 - 2017-09-30 07:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-13 19:31 - 2017-09-30 07:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-13 19:31 - 2017-09-30 07:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-13 19:31 - 2017-09-30 07:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-13 19:31 - 2017-09-30 07:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-13 19:31 - 2017-09-30 07:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-13 19:31 - 2017-09-30 07:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-13 19:31 - 2017-09-30 07:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-13 19:31 - 2017-09-30 07:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-13 19:31 - 2017-09-30 07:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-13 19:31 - 2017-09-30 07:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-13 19:31 - 2017-09-30 07:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-13 19:31 - 2017-09-30 07:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-13 19:31 - 2017-09-30 07:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-13 19:31 - 2017-09-30 07:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-13 19:31 - 2017-09-30 07:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-13 19:31 - 2017-09-30 07:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-13 19:31 - 2017-09-30 07:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-13 19:31 - 2017-09-30 07:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-13 19:31 - 2017-09-30 07:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-13 19:31 - 2017-09-30 07:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-13 19:31 - 2017-09-30 07:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:31 - 2017-09-30 07:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-13 19:31 - 2017-09-30 07:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-13 19:31 - 2017-09-30 07:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-13 19:31 - 2017-09-30 04:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-13 19:31 - 2017-09-30 04:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-13 19:31 - 2017-09-30 04:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-13 19:31 - 2017-09-30 04:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-13 19:31 - 2017-09-30 04:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31 - 2017-09-30 04:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-13 19:31 - 2017-09-30 04:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-13 19:31 - 2017-09-30 04:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-13 19:31 - 2017-09-30 04:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-13 19:31 - 2017-09-30 04:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-13 19:31 - 2017-09-29 09:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-13 19:31 - 2017-09-29 09:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-13 19:31 - 2017-09-29 09:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-13 19:31 - 2017-09-29 09:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-13 19:31 - 2017-09-29 09:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-13 19:31 - 2017-09-29 09:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-13 19:31 - 2017-09-29 09:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-13 19:31 - 2017-09-29 09:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-13 19:31 - 2017-09-29 09:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-13 19:31 - 2017-09-29 09:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-13 19:31 - 2017-09-29 09:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-13 19:31 - 2017-09-29 09:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-13 19:31 - 2017-09-29 09:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-13 19:31 - 2017-09-29 09:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-13 19:31 - 2017-09-29 09:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-13 19:31 - 2017-09-29 09:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-13 19:31 - 2017-09-29 09:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-13 19:31 - 2017-09-29 09:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-13 19:31 - 2017-09-29 09:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-13 19:31 - 2017-09-29 09:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-13 19:31 - 2017-09-29 09:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-13 19:31 - 2017-09-29 09:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-13 19:31 - 2017-09-29 09:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-13 19:31 - 2017-09-29 09:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-13 19:31 - 2017-09-29 09:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-13 19:31 - 2017-09-29 09:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-13 19:31 - 2017-09-29 09:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-13 19:31 - 2017-09-29 09:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-13 19:31 - 2017-09-29 09:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-13 19:31 - 2017-09-29 09:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-13 19:31 - 2017-09-29 09:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-13 19:31 - 2017-09-29 09:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-13 19:31 - 2017-09-29 09:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-13 19:31 - 2017-09-29 09:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-13 19:31 - 2017-09-29 09:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-13 19:31 - 2017-09-29 09:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-13 19:31 - 2017-09-29 09:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-13 19:31 - 2017-09-29 09:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-13 19:31 - 2017-09-29 09:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-13 19:31 - 2017-09-29 09:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-13 19:31 - 2017-09-29 09:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-13 19:31 - 2017-09-29 09:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-13 19:31 - 2017-09-29 09:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-13 19:31 - 2017-09-29 09:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-13 19:31 - 2017-09-29 09:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-13 19:31 - 2017-09-29 09:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-13 19:31 - 2017-09-29 09:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-13 19:31 - 2017-09-29 09:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-13 19:31 - 2017-09-29 09:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-13 19:31 - 2017-09-29 09:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-13 19:31 - 2017-09-29 09:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-13 19:31 - 2017-09-29 09:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-13 19:31 - 2017-09-29 09:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-13 19:31 - 2017-09-29 09:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-13 19:31 - 2017-09-29 09:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-13 19:31 - 2017-09-29 09:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-13 19:31 - 2017-09-29 09:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-13 19:31 - 2017-09-29 09:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-13 19:31 - 2017-09-29 09:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-13 19:31 - 2017-09-29 09:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-13 19:31 - 2017-09-29 09:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-13 19:31 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-13 19:31 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-13 19:31 - 2017-09-20 17:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-13 19:31 - 2017-09-20 17:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-13 19:31 - 2017-09-20 17:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-13 19:31 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-13 19:31 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-13 19:31 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-13 19:31 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-13 19:31 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-13 19:31 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-13 19:31 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-13 19:31 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-13 19:31 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-13 19:31 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-13 19:31 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-13 19:31 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-13 19:30 - 2017-09-30 07:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-13 19:30 - 2017-09-30 07:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-13 19:30 - 2017-09-30 07:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-13 19:30 - 2017-09-30 07:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-13 19:30 - 2017-09-30 07:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-13 19:30 - 2017-09-29 09:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-13 19:30 - 2017-09-29 09:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-13 19:30 - 2017-09-29 09:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-13 19:30 - 2017-09-29 09:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-13 19:30 - 2017-09-29 09:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-13 19:30 - 2017-09-29 09:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-13 19:30 - 2017-09-29 09:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-13 19:30 - 2017-09-29 09:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-13 19:30 - 2017-09-29 09:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-13 19:30 - 2017-09-29 09:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-13 19:30 - 2017-09-29 09:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-13 19:30 - 2017-09-29 09:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-13 19:30 - 2017-09-29 09:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-13 19:30 - 2017-09-29 09:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-13 19:30 - 2017-09-29 09:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-13 19:30 - 2017-09-29 09:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-13 19:30 - 2017-09-29 09:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-13 19:30 - 2017-09-29 09:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-13 19:30 - 2017-09-29 09:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-13 19:30 - 2017-09-29 09:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-13 19:30 - 2017-09-29 09:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-13 19:30 - 2017-09-29 09:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-13 19:30 - 2017-09-29 09:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-13 19:30 - 2017-09-29 09:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-13 19:30 - 2017-09-29 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-13 19:30 - 2017-09-29 09:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-13 19:30 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-13 19:30 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-05 20:39 - 2017-10-05 20:39 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Solvusoft
2017-10-05 20:36 - 2017-10-05 20:47 - 000000000 ____D C:\Users\Petr\AppData\Local\IIIQF
2017-10-05 20:36 - 2017-10-05 20:39 - 000000000 ____D C:\ProgramData\Solvusoft
2017-10-05 20:36 - 2017-10-05 20:36 - 008932000 _____ (Solvusoft Corporation ) C:\Users\Petr\Downloads\Setup_WinThruster_2016.exe
2017-10-05 19:14 - 2017-10-05 19:18 - 000000000 ____D C:\Users\Petr\AppData\Local\TempTaskUpdateDetection39DB6DD9-AE43-4268-AF36-3EE5C71C70F3
2017-10-01 19:45 - 2017-10-21 13:12 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3697592394-1657936854-2325889698-1002
2017-09-27 19:35 - 2017-09-27 19:35 - 000000000 ____D C:\Users\Helca\AppData\Local\DBG
2017-09-27 19:33 - 2017-09-27 19:33 - 000000020 ___SH C:\Users\Helca\ntuser.ini
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-25 14:51 - 2017-08-17 09:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-25 14:51 - 2017-03-09 20:46 - 641100410 _____ C:\WINDOWS\MEMORY.DMP
2017-10-25 13:51 - 2017-08-17 09:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-25 12:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-25 11:52 - 2013-12-22 17:54 - 000000000 ____D C:\Users\Helca\AppData\Roaming\Seznam.cz
2017-10-25 11:47 - 2013-03-02 10:09 - 000000000 ____D C:\Users\Helca\AppData\Local\Packages
2017-10-25 11:40 - 2017-03-18 13:40 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2017-10-25 07:26 - 2014-01-02 13:31 - 000007597 _____ C:\Users\Petr\AppData\Local\resmon.resmoncfg
2017-10-25 07:22 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-24 23:06 - 2015-02-01 10:08 - 000000000 ____D C:\AdwCleaner
2017-10-24 22:55 - 2013-08-03 09:58 - 000000000 ____D C:\Program Files\trend micro
2017-10-23 16:12 - 2017-08-17 09:26 - 000000000 ____D C:\Users\Helca
2017-10-23 16:12 - 2017-08-17 09:26 - 000000000 ____D C:\Users\Guest
2017-10-23 15:39 - 2014-03-25 23:35 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-10-23 15:34 - 2017-03-09 22:07 - 000186522 ____N C:\WINDOWS\Minidump\102317-292437-01.dmp
2017-10-23 15:19 - 2017-08-17 09:26 - 000000000 ____D C:\Users\Petr
2017-10-22 10:11 - 2017-08-17 09:49 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-22 10:11 - 2017-07-14 14:44 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-10-22 10:11 - 2017-01-12 18:45 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-10-22 10:11 - 2014-11-21 23:31 - 000001971 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-10-22 09:51 - 2017-08-17 09:49 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C827C728-317A-4E6A-AE87-388480E0C7F0}
2017-10-22 09:49 - 2013-05-09 08:56 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-21 23:16 - 2017-07-14 14:44 - 000061304 _____ () C:\WINDOWS\SMSS-PFRO86b4.tmp
2017-10-21 14:52 - 2017-07-29 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2017-10-21 14:52 - 2017-07-29 12:59 - 000000000 ____D C:\Program Files (x86)\GreenTree Applications
2017-10-21 14:52 - 2017-03-16 19:08 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-10-21 14:52 - 2017-03-16 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-10-21 14:52 - 2016-01-19 10:13 - 000000000 ____D C:\Program Files\Bonjour
2017-10-21 14:52 - 2016-01-19 10:13 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-10-21 14:52 - 2015-09-30 09:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-21 14:52 - 2015-09-30 09:14 - 000000000 ____D C:\Program Files (x86)\Java
2017-10-21 14:52 - 2014-01-30 00:19 - 000000000 ____D C:\Users\Helca\AppData\Local\Skype
2017-10-21 14:39 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\registration
2017-10-21 14:38 - 2015-09-30 09:14 - 000000000 ____D C:\ProgramData\Oracle
2017-10-21 13:23 - 2014-01-29 23:25 - 000000000 __RDO C:\Users\Helca\SkyDrive
2017-10-21 13:12 - 2015-11-25 22:06 - 000002431 _____ C:\Users\Helca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-21 13:11 - 2012-10-05 23:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-21 09:13 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-20 22:03 - 2016-08-25 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-20 21:56 - 2016-11-21 09:59 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2017-10-20 21:40 - 2016-01-19 10:37 - 000000000 ___RD C:\Users\Petr\iCloudDrive
2017-10-20 21:31 - 2017-08-17 09:46 - 001974072 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-20 21:31 - 2017-03-20 06:43 - 000851278 _____ C:\WINDOWS\system32\perfh005.dat
2017-10-20 21:31 - 2017-03-20 06:43 - 000181040 _____ C:\WINDOWS\system32\perfc005.dat
2017-10-20 21:01 - 2015-09-30 09:15 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-10-20 21:01 - 2014-12-12 20:59 - 000001147 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-10-20 19:29 - 2013-08-03 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-20 19:04 - 2017-08-17 09:49 - 000003484 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2017-10-20 18:24 - 2016-02-24 17:48 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-19 11:47 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-19 11:45 - 2015-02-01 20:36 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-10-19 10:18 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-19 08:50 - 2013-03-11 13:37 - 000000000 ____D C:\Users\Petr\AppData\Local\Bandizip
2017-10-19 08:37 - 2013-05-25 21:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2017-10-17 21:09 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-17 15:38 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-17 15:38 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-15 06:36 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-15 06:24 - 2017-07-14 14:44 - 000061304 _____ () C:\WINDOWS\SMSS-PFRO789b.tmp
2017-10-14 06:16 - 2014-04-29 14:20 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-10-14 06:16 - 2013-12-18 09:46 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-10-14 06:16 - 2013-05-09 08:59 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-10-13 21:17 - 2017-03-16 01:22 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-10-13 21:17 - 2017-03-16 01:22 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-10-13 21:17 - 2017-03-16 01:22 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-10-13 21:17 - 2017-03-16 01:22 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-10-13 21:17 - 2013-05-09 08:59 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-10-13 21:14 - 2017-08-17 09:23 - 000518856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-13 21:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-13 21:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-13 21:11 - 2017-03-18 23:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-13 21:11 - 2017-03-18 23:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-13 21:09 - 2014-05-20 12:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-13 19:45 - 2013-08-07 12:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-13 19:40 - 2013-03-01 12:17 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-13 02:21 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 02:21 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-05 20:57 - 2017-04-03 20:20 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-10-05 20:57 - 2017-04-03 20:20 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-10-05 20:30 - 2016-06-04 21:24 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\uTorrent
2017-10-05 20:30 - 2013-12-17 11:59 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2017-10-05 20:05 - 2013-03-04 11:09 - 000000000 ____D C:\Users\Petr\AppData\Local\Google
2017-09-27 20:19 - 2016-11-26 15:57 - 000000000 ____D C:\Users\Helca\AppData\LocalLow\Mozilla
2017-09-27 19:35 - 2016-09-16 15:06 - 000000000 ____D C:\Users\Helca\AppData\Local\ConnectedDevicesPlatform
2017-09-27 07:06 - 2014-02-10 09:24 - 000002508 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-27 07:06 - 2014-02-10 09:24 - 000002500 _____ C:\Users\Petr\Desktop\Google Chrome.lnk
2017-09-25 10:25 - 2017-08-17 10:29 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3697592394-1657936854-2325889698-1001
2017-09-25 10:25 - 2015-11-18 10:46 - 000002428 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-25 10:25 - 2014-01-02 13:02 - 000000000 __RDO C:\Users\Petr\SkyDrive
==================== Files in the root of some directories =======
2014-11-09 22:56 - 2014-11-09 22:56 - 000000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2013-12-25 15:26 - 2013-12-25 15:27 - 000004608 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-26 18:20 - 2016-06-19 21:39 - 000000600 _____ () C:\Users\Petr\AppData\Local\PUTTY.RND
2014-12-09 22:15 - 2014-12-09 22:15 - 000009014 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2014-01-02 13:31 - 2017-10-25 07:26 - 000007597 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2017-10-19 08:49 - 2017-10-19 08:50 - 005285384 _____ (Bandisoft) C:\Users\Petr\AppData\Local\Temp\BANDIZIP-SETUP.EXE
2016-10-19 17:11 - 2016-10-19 17:11 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Petr\AppData\Local\Temp\libeay32.dll
2016-10-19 17:11 - 2016-10-19 17:11 - 000970912 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\msvcr120.dll
2016-10-19 17:11 - 2016-10-19 17:11 - 000772672 _____ () C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-20 21:35
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Acer) (Fixed) (Total:453.26 GB) (Free:293.86 GB) NTFS
Drive d: (DATA) (Fixed) (Total:454.61 GB) (Free:57.44 GB) NTFS
Available physical RAM: 2100.35 MB
Total physical RAM: 3963.09 MB
Percentage of memory in use: 47%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8CB33117)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petr\Desktop" je 1689 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Re: Requesting a check
And right away, here is Addition.txt as well
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2017 01
Ran by Petr (25-10-2017 15:08:22)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-08-17 08:00:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3697592394-1657936854-2325889698-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3697592394-1657936854-2325889698-503 - Limited - Disabled)
Guest (S-1-5-21-3697592394-1657936854-2325889698-501 - Limited - Disabled) => C:\Users\Guest
Helca (S-1-5-21-3697592394-1657936854-2325889698-1002 - Limited - Enabled) => C:\Users\Helca
Petr (S-1-5-21-3697592394-1657936854-2325889698-1001 - Administrator - Enabled) => C:\Users\Petr
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
Bandizip (HKLM\...\Bandizip) (Version: 6.10 - Bandisoft.com)
BitTorrent (HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\BitTorrent) (Version: 7.9.3.40761 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bontia Studio (HKLM-x32\...\{8a154120-e18f-45f2-a463-75d8b6716260}) (Version: 5.2.4288.18799 - Bontia a.s.)
Bontia Studio 5.2 (HKLM-x32\...\{278BD020-1DCD-46C2-B9F6-36E88E10AC64}) (Version: 5.2.4288.0 - Bontia, a.s.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dropbox (HKLM-x32\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DWGSee Pro 2016 (HKLM-x32\...\{84AAA3F4-45CE-4FC6-8C16-35C98E69673C}) (Version: 4.17 - AutoDWG)
Exact Audio Copy 1.0beta4 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta4 - Andre Wiethoff)
Free DWG Viewer 7.3 (HKLM-x32\...\{BC66852F-0928-494F-B3C1-5FF5DB4F88BC}) (Version: 7.3.0.180 - IGC)
GeoGet verze 2.9.3.760 (HKLM-x32\...\GeoGet_is1) (Version: 2.9.3.760 - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Globus - domaci fotosberna (HKLM-x32\...\Globus - domaci fotosberna) (Version: 5.0.6 - CEWE Stiftung u Co. KGaA)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Chrome (HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Microsoft Office Professional Plus 2013 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 15.0.4971.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
ProjectLibre (HKLM-x32\...\{8E2A530F-ABE9-45B4-B4EA-B9DF56698376}) (Version: 1.6.2.0 - ProjectLibre)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SolidWorks eDrawings 2013 (HKLM-x32\...\{67B54121-76BB-4F42-975E-F8155E5EF490}) (Version: 13.2.110 - Dassault Systèmes SolidWorks Corp.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.00 - NCH Software)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
WinSCP 5.5.6 (HKLM-x32\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
YTD Video Downloader 5.8.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.4 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-03-30] (IvoSoft)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-03-30] (IvoSoft)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2009-02-09] (Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2014-05-12] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2016\DWGSeeMenu64.dll [2012-07-13] (TODO: <Company name>)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-11-30] (Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-04-22] (Apple Inc.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2012-07-12] (Egis Technology Inc. )
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (Egis Technology Inc.)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-11-30] (Google)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ContextMenuHandlers1_S-1-5-21-3697592394-1657936854-2325889698-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-3697592394-1657936854-2325889698-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-3697592394-1657936854-2325889698-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-3697592394-1657936854-2325889698-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06972A83-F749-4316-91FB-7D90AD6169C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {09FB8A7A-8681-444A-BF74-3D27EBCDDA28} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0FF9D007-93C3-4469-A9B0-E299B4D56392} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {123CC8D2-6D50-49BC-B805-50B9935E9C47} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1F87811B-074A-482A-A926-8EEF200970BD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-13] (AVAST Software)
Task: {25C9E947-05FC-4B17-B521-14A27865D9B6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2FF841EB-6B38-43ED-98F8-5D8303E68408} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24] (Dropbox, Inc.)
Task: {31F15CA3-722C-4169-8CC1-A4013D065BCB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {346E96AF-37E3-4E31-8B4C-7CA52B2DBC2B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {39258F22-45BE-4713-AF45-A451323BB7F4} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-07-06] (Acer Incorporated)
Task: {4145606B-AE45-4C5D-ACBB-6C55CBBC3D07} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {45C40D6F-BF4D-47CC-8A84-5FDCDF218469} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {51F7B20C-66C6-44BE-BE25-7E3350F035DE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5F33FA58-D2BE-45E5-84D7-DCBDAFA26448} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {63700C6F-EA33-4393-8289-B482449CE6A5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {6A4BE10E-E2F3-4465-8307-65667EA3286B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {70A32E85-0760-45CB-9D03-1433FC6D2DB8} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-04-22] (Apple Inc.)
Task: {73027017-BAA3-438C-8B02-3845829E05BC} - System32\Tasks\{8E37F217-FF0E-4080-8588-C759EB6580A7} => C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Downloads\Mafia\Game-no CD.exe" -d C:\Users\Petr\Downloads\Mafia
Task: {79BB936A-CEE6-4CE4-A98B-5B9DCA0623BB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-17] (Adobe Systems Incorporated)
Task: {7AD1D654-3E77-4DA7-97A0-4AF8D8000C16} - \WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1001 -> No File <==== ATTENTION
Task: {7B8BDD87-EB07-411B-91E6-1B0BA26EAC90} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-23] (Acer Incorporated)
Task: {847CE5C8-D2AF-44F6-9F3E-CD52500F4822} - \WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1002 -> No File <==== ATTENTION
Task: {85673B63-7DEB-4D66-AAFF-A3A24AA49312} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {866B6AA6-9A31-4C4E-B66D-C35346805A39} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {8B48BC25-D9C2-4EC8-9308-568C252C4B90} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {8DEE5022-C7A3-47D9-84CC-7DA577D369B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9CA1161E-73F0-49D6-AF65-806654E1B6AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A5AC5FCD-9456-4277-B5BF-5DD4BD01C6B2} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {A75D4144-A587-44F4-B878-E1ECDFDFC30F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {AB446599-CBFE-4E49-9FDA-98F6B141D0D0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24] (Dropbox, Inc.)
Task: {C368D476-F66E-4643-ACC8-CE483F49EEFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {C4219090-BB37-4BA1-8880-E41398DA6FBC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {C5363976-F1B9-416F-BE5C-64A42FDF163C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {C8E7E803-9D5E-4F4A-9E3F-F9DFAE662228} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D16C4482-4E7F-4112-9D24-470BC395D2EE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-10-13] (Microsoft Corporation)
Task: {E2D7CDDB-E752-46D7-91E3-A8D450209294} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E4813DB8-8F9A-4576-972A-6DEC66CFA0B5} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {E76A9E7D-2AD6-4BAA-8D53-741A90276DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {EAE90217-AAD0-4DCD-B3B1-0B3CBA9D0591} - System32\Tasks\avastBCLRestartS-1-5-21-3697592394-1657936854-2325889698-1001 => C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {EFB6C75E-FF02-4B50-A564-E46D6B85E572} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F0D2EED7-7ED1-4DC6-918F-ED13D92D67DE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {F7DD1472-D452-47C0-BE71-564232E021E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {FFE96A99-F8DC-434D-B86B-E41DBD3FB1A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Petr\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\Petr\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
==================== Loaded Modules (Whitelisted) ==============
2015-02-01 20:36 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-03-02 00:12 - 2013-01-22 22:41 - 000093768 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-09 02:16 - 2017-03-09 02:16 - 000112264 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2017-10-13 21:18 - 2017-10-13 21:18 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-13 21:18 - 2017-10-13 21:18 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-14 14:42 - 2017-07-14 14:42 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-13 21:18 - 2017-10-13 21:18 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-13 21:18 - 2017-10-13 21:18 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-13 21:17 - 2017-10-13 21:17 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-25 11:31 - 2017-10-25 11:31 - 000703336 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 001047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 000244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2012-10-04 00:24 - 2012-07-18 05:55 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Classes\.scr: AutoCADScriptFile =>
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2013-08-03 12:28 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.92.0.5 - 10.92.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "IMMON"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{4694F7EC-85FC-4779-9465-8B689423E44A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{15EF6C42-5089-429E-BA07-B6EEC114F51C}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{6B5CA050-BE1F-42CB-9A86-C2FAA8ADC944}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{345AA646-B6A9-41DD-BA67-5DAA71F19D97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{99D51ACD-2AFF-4B84-ACDA-C48AE7E62B3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{50C8B0F7-C268-4FA1-9B10-A9FC734256F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{44EE029F-3B7F-48C0-AF3E-01C795F8D12F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{0661FD2F-AD4F-45C8-BFE9-AC8B9CF54307}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CBD13ADB-6F02-4ED3-9C0E-A5004F9F69C7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{04E2CFA7-D210-4906-8FB5-F5F04FDB5C3A}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F755259C-B572-4FDD-8999-069B4F075427}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1D3764C1-0283-4A6B-AA27-7C6499D63FB6}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{18C56BA5-41A0-4410-9B44-86409F9DAA2E}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{E7C06A9F-4500-4847-869A-41610FB02E01}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{41DD656A-1D2A-4B95-BC04-C371AD41481E}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{39D8B42C-40F8-4D4D-9D0E-9DFDA081A1FA}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{04A48EF7-5B41-4084-867B-DC93C29CEFB4}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [UDP Query User{1C3D2666-D5AF-4085-B40B-64BFBF207A0B}C:\users\petr\documents\jperf\jperf-2.0.2\bin\iperf.exe] => (Allow) C:\users\petr\documents\jperf\jperf-2.0.2\bin\iperf.exe
FirewallRules: [TCP Query User{84891B7B-814A-40BA-80E1-478414A7FED5}C:\users\petr\documents\jperf\jperf-2.0.2\bin\iperf.exe] => (Allow) C:\users\petr\documents\jperf\jperf-2.0.2\bin\iperf.exe
FirewallRules: [UDP Query User{8DF2786A-8025-4145-B3CD-54A8C8641BCA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D94CE705-2FAD-4632-A8FF-82B4574F3F0B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1EFC3EEF-ACF8-4DA8-9CF6-6C4150154BDC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{FBCA39F7-2BF7-4B21-A076-3525D3A46877}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C6AA7A32-A52C-4442-9A80-F0E3851350FC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{3AE4B248-C73B-45E0-AF48-18D1A10979C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4A2B3411-A025-44AF-BF90-B701AB8B5F6D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{0D402CAC-80AE-4C5A-8C77-34B3B1616C01}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{C5D33139-72AC-4500-B093-6A2E92990749}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B03D5227-229B-4FDD-BC1C-6E10E90DECF1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{667EE370-1400-40CC-8AF5-92820F0269DA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{CC11F6C4-4944-4E4E-BA15-E0C829F9B973}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{B9FD39BD-DB8B-451E-8414-D8ACCBF53BAB}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{126BE451-1CEB-4B4E-8ACC-F1E4472EB764}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{39C45E0E-915D-4DC5-8010-852D1DC83DD9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{77F898B3-D75E-4D5A-9552-159E93BEAB0E}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{A7F10BE9-B6C2-408A-9E18-8837357CB664}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{B073174B-C8A4-4469-BDC4-D98482E4C16A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{2677A9B3-5285-4295-AD5F-7A9381B840EA}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [TCP Query User{50DEFCAB-1BFF-4CB8-AE46-F9806A14B87B}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{740230DF-ED3F-493B-81D5-4D35B136A5EB}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{F1001D95-AF11-4F4D-8CF2-DBB5A6DD5E15}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8AA18C81-C1BC-423E-BF47-85F31EDA6E5B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{1A8E3701-FBDE-43ED-AA50-54FF175AF595}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{D3E2FC77-4376-4D9D-A1E1-8259C2AE4FB7}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{4000EBBE-AB64-4AEF-8F06-3576888A7A2E}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C0369266-DE5D-4479-9F1F-D5013C50B3D7}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F5D5AF26-8323-4E76-9B8E-08C811105FF5}] => (Allow) C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2B60DCAC-7E4C-4995-BF91-CB9DB8672FE5}] => (Allow) C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{FB298D05-E300-4607-AF67-243602426E83}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{C18EEFD1-3497-4C14-80A1-801A09ED4EF8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{DD682693-56E8-4F36-8457-AF47FC7F3695}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{C5F6AC9E-23F1-45E4-B496-391FCCE597B3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{C10CFA6B-E14D-4FB8-A385-39E87E68DB2B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DFE00F2C-E2B2-4089-89D6-48DA6CAC8E8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{609CE756-BF41-48AD-9077-44D502C1CCA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{503F6768-CB5D-48B6-A41F-6AC1F9DA1AE2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AAA889AD-866D-45BB-890E-C45DBABDB78A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{35ADDB31-FF4D-4BC1-AE99-59E5D32536CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{452067E2-7819-488C-83F5-F7AE56431723}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{95F5BEDE-CAEE-46DB-B749-186F68060FCF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F6673431-D0A8-41B3-993C-C57607334BD5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/25/2017 02:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RuntimeBroker.exe, verze: 10.0.15063.0, časové razítko: 0x782fe8f8
Název chybujícího modulu: msxml3.dll, verze: 8.110.15063.483, časové razítko: 0x94f76bc9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000016ba0
ID chybujícího procesu: 0x1664
Čas spuštění chybující aplikace: 0x01d34d9027ad7fb4
Cesta k chybující aplikaci: C:\Windows\System32\RuntimeBroker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\msxml3.dll
ID zprávy: 26af6f72-3d88-42c4-9d32-7840c5ddc967
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/25/2017 02:57:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PECINI)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/25/2017 02:52:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PECINI)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/25/2017 11:52:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_wuauserv, verze: 10.0.15063.0, časové razítko: 0x02799ef5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.15063.674, časové razítko: 0x93d2100b
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000069e08
ID chybujícího procesu: 0x1b10
Čas spuštění chybující aplikace: 0x01d34d7665057a0b
Cesta k chybující aplikaci: c:\windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d13c9d79-2a5e-42c1-a06d-3d18862f002c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/25/2017 11:47:51 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: Pecini)
Description: C:\Users\Helca\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalStateMicrosoft.SkypeApp_kzf8qxf38zg5c-2147024894
Error: (10/25/2017 11:47:46 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: Pecini)
Description: C:\Users\Helca\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalStateMicrosoft.SkypeApp_kzf8qxf38zg5c-2147024894
Error: (10/25/2017 11:47:46 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: Pecini)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c3
Error: (10/25/2017 11:47:46 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: Pecini)
Description: C:\Users\Helca\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalStateMicrosoft.SkypeApp_kzf8qxf38zg5c-2147024894
Error: (10/25/2017 11:47:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pecini)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/25/2017 11:39:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.exe, verze: 10.0.15063.674, časové razítko: 0xd8364343
Název chybujícího modulu: twinui.dll, verze: 10.0.15063.674, časové razítko: 0xdf077cb4
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000016940e
ID chybujícího procesu: 0x318
Čas spuštění chybující aplikace: 0x01d34d75378c14f2
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\twinui.dll
ID zprávy: 87b9fd74-1d5c-4e7f-9c9f-390011f621a4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/25/2017 03:05:41 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.
Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.
Error: (10/25/2017 03:02:32 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 03:02:29 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 03:02:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {4991D34B-80A1-4291-83B6-3328366B9097} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/25/2017 03:02:26 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 03:00:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (10/25/2017 02:58:25 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 02:58:22 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 02:58:19 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 02:58:16 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
CodeIntegrity:
===================================
Date: 2017-10-25 11:38:59.868
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-25 11:38:52.581
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-25 11:35:13.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-25 11:35:13.974
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-25 11:31:34.806
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-25 11:31:34.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-25 11:25:49.875
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-25 11:25:49.872
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-24 22:26:45.174
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-24 22:26:45.171
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G645 @ 2.90GHz
Percentage of memory in use: 47%
Total physical RAM: 3963.09 MB
Available physical RAM: 2100.35 MB
Total Virtual: 7931.09 MB
Available Virtual: 6153.65 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:453.26 GB) (Free:293.86 GB) NTFS
Drive d: (DATA) (Fixed) (Total:454.61 GB) (Free:57.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8CB33117)
Partition: GPT.
==================== End of Addition.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2017 01
Ran by Petr (25-10-2017 15:08:22)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-08-17 08:00:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3697592394-1657936854-2325889698-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3697592394-1657936854-2325889698-503 - Limited - Disabled)
Guest (S-1-5-21-3697592394-1657936854-2325889698-501 - Limited - Disabled) => C:\Users\Guest
Helca (S-1-5-21-3697592394-1657936854-2325889698-1002 - Limited - Enabled) => C:\Users\Helca
Petr (S-1-5-21-3697592394-1657936854-2325889698-1001 - Administrator - Enabled) => C:\Users\Petr
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
Bandizip (HKLM\...\Bandizip) (Version: 6.10 - Bandisoft.com)
BitTorrent (HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\BitTorrent) (Version: 7.9.3.40761 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bontia Studio (HKLM-x32\...\{8a154120-e18f-45f2-a463-75d8b6716260}) (Version: 5.2.4288.18799 - Bontia a.s.)
Bontia Studio 5.2 (HKLM-x32\...\{278BD020-1DCD-46C2-B9F6-36E88E10AC64}) (Version: 5.2.4288.0 - Bontia, a.s.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dropbox (HKLM-x32\...\Dropbox) (Version: 37.4.29 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DWGSee Pro 2016 (HKLM-x32\...\{84AAA3F4-45CE-4FC6-8C16-35C98E69673C}) (Version: 4.17 - AutoDWG)
Exact Audio Copy 1.0beta4 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta4 - Andre Wiethoff)
Free DWG Viewer 7.3 (HKLM-x32\...\{BC66852F-0928-494F-B3C1-5FF5DB4F88BC}) (Version: 7.3.0.180 - IGC)
GeoGet verze 2.9.3.760 (HKLM-x32\...\GeoGet_is1) (Version: 2.9.3.760 - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Globus - domaci fotosberna (HKLM-x32\...\Globus - domaci fotosberna) (Version: 5.0.6 - CEWE Stiftung u Co. KGaA)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Chrome (HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation)
Microsoft Office Professional Plus 2013 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 15.0.4971.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.4971.1002 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
ProjectLibre (HKLM-x32\...\{8E2A530F-ABE9-45B4-B4EA-B9DF56698376}) (Version: 1.6.2.0 - ProjectLibre)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SolidWorks eDrawings 2013 (HKLM-x32\...\{67B54121-76BB-4F42-975E-F8155E5EF490}) (Version: 13.2.110 - Dassault Systèmes SolidWorks Corp.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.00 - NCH Software)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
WinSCP 5.5.6 (HKLM-x32\...\winscp3_is1) (Version: 5.5.6 - Martin Prikryl)
YTD Video Downloader 5.8.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.4 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll (Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-03-30] (IvoSoft)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-03-30] (IvoSoft)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2009-02-09] (Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2014-05-12] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2016\DWGSeeMenu64.dll [2012-07-13] (TODO: <Company name>)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-11-30] (Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2016-04-22] (Apple Inc.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2012-07-12] (Egis Technology Inc. )
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (Egis Technology Inc.)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2016-11-30] (Google)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-10-17] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-14] (AVAST Software)
ContextMenuHandlers1_S-1-5-21-3697592394-1657936854-2325889698-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-3697592394-1657936854-2325889698-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-3697592394-1657936854-2325889698-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-3697592394-1657936854-2325889698-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Users\Petr\AppData\Local\Bandizip\bdzshl64.dll [2017-10-19] (Bandisoft.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06972A83-F749-4316-91FB-7D90AD6169C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {09FB8A7A-8681-444A-BF74-3D27EBCDDA28} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0FF9D007-93C3-4469-A9B0-E299B4D56392} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {123CC8D2-6D50-49BC-B805-50B9935E9C47} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1F87811B-074A-482A-A926-8EEF200970BD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-13] (AVAST Software)
Task: {25C9E947-05FC-4B17-B521-14A27865D9B6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2FF841EB-6B38-43ED-98F8-5D8303E68408} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24] (Dropbox, Inc.)
Task: {31F15CA3-722C-4169-8CC1-A4013D065BCB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {346E96AF-37E3-4E31-8B4C-7CA52B2DBC2B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {39258F22-45BE-4713-AF45-A451323BB7F4} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-07-06] (Acer Incorporated)
Task: {4145606B-AE45-4C5D-ACBB-6C55CBBC3D07} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {45C40D6F-BF4D-47CC-8A84-5FDCDF218469} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {51F7B20C-66C6-44BE-BE25-7E3350F035DE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5F33FA58-D2BE-45E5-84D7-DCBDAFA26448} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {63700C6F-EA33-4393-8289-B482449CE6A5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {6A4BE10E-E2F3-4465-8307-65667EA3286B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {70A32E85-0760-45CB-9D03-1433FC6D2DB8} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-04-22] (Apple Inc.)
Task: {73027017-BAA3-438C-8B02-3845829E05BC} - System32\Tasks\{8E37F217-FF0E-4080-8588-C759EB6580A7} => C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Downloads\Mafia\Game-no CD.exe" -d C:\Users\Petr\Downloads\Mafia
Task: {79BB936A-CEE6-4CE4-A98B-5B9DCA0623BB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-17] (Adobe Systems Incorporated)
Task: {7AD1D654-3E77-4DA7-97A0-4AF8D8000C16} - \WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1001 -> No File <==== ATTENTION
Task: {7B8BDD87-EB07-411B-91E6-1B0BA26EAC90} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-23] (Acer Incorporated)
Task: {847CE5C8-D2AF-44F6-9F3E-CD52500F4822} - \WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1002 -> No File <==== ATTENTION
Task: {85673B63-7DEB-4D66-AAFF-A3A24AA49312} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {866B6AA6-9A31-4C4E-B66D-C35346805A39} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {8B48BC25-D9C2-4EC8-9308-568C252C4B90} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {8DEE5022-C7A3-47D9-84CC-7DA577D369B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9CA1161E-73F0-49D6-AF65-806654E1B6AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A5AC5FCD-9456-4277-B5BF-5DD4BD01C6B2} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {A75D4144-A587-44F4-B878-E1ECDFDFC30F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {AB446599-CBFE-4E49-9FDA-98F6B141D0D0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24] (Dropbox, Inc.)
Task: {C368D476-F66E-4643-ACC8-CE483F49EEFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {C4219090-BB37-4BA1-8880-E41398DA6FBC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {C5363976-F1B9-416F-BE5C-64A42FDF163C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {C8E7E803-9D5E-4F4A-9E3F-F9DFAE662228} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D16C4482-4E7F-4112-9D24-470BC395D2EE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-10-13] (Microsoft Corporation)
Task: {E2D7CDDB-E752-46D7-91E3-A8D450209294} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E4813DB8-8F9A-4576-972A-6DEC66CFA0B5} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {E76A9E7D-2AD6-4BAA-8D53-741A90276DC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {EAE90217-AAD0-4DCD-B3B1-0B3CBA9D0591} - System32\Tasks\avastBCLRestartS-1-5-21-3697592394-1657936854-2325889698-1001 => C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
Task: {EFB6C75E-FF02-4B50-A564-E46D6B85E572} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F0D2EED7-7ED1-4DC6-918F-ED13D92D67DE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {F7DD1472-D452-47C0-BE71-564232E021E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {FFE96A99-F8DC-434D-B86B-E41DBD3FB1A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Petr\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\Petr\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
==================== Loaded Modules (Whitelisted) ==============
2015-02-01 20:36 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-03-02 00:12 - 2013-01-22 22:41 - 000093768 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-09 02:16 - 2017-03-09 02:16 - 000112264 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2017-10-13 21:18 - 2017-10-13 21:18 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-13 21:18 - 2017-10-13 21:18 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-14 14:42 - 2017-07-14 14:42 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-13 21:18 - 2017-10-13 21:18 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-13 21:18 - 2017-10-13 21:18 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-13 21:17 - 2017-10-13 21:17 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-25 11:31 - 2017-10-25 11:31 - 000703336 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 001047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 000244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2012-10-04 00:24 - 2012-07-18 05:55 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Classes\.scr: AutoCADScriptFile =>
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2013-08-03 12:28 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.92.0.5 - 10.92.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "IMMON"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{4694F7EC-85FC-4779-9465-8B689423E44A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{15EF6C42-5089-429E-BA07-B6EEC114F51C}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{6B5CA050-BE1F-42CB-9A86-C2FAA8ADC944}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{345AA646-B6A9-41DD-BA67-5DAA71F19D97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{99D51ACD-2AFF-4B84-ACDA-C48AE7E62B3D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{50C8B0F7-C268-4FA1-9B10-A9FC734256F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{44EE029F-3B7F-48C0-AF3E-01C795F8D12F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{0661FD2F-AD4F-45C8-BFE9-AC8B9CF54307}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CBD13ADB-6F02-4ED3-9C0E-A5004F9F69C7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{04E2CFA7-D210-4906-8FB5-F5F04FDB5C3A}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F755259C-B572-4FDD-8999-069B4F075427}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1D3764C1-0283-4A6B-AA27-7C6499D63FB6}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{18C56BA5-41A0-4410-9B44-86409F9DAA2E}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{E7C06A9F-4500-4847-869A-41610FB02E01}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{41DD656A-1D2A-4B95-BC04-C371AD41481E}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{39D8B42C-40F8-4D4D-9D0E-9DFDA081A1FA}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{04A48EF7-5B41-4084-867B-DC93C29CEFB4}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [UDP Query User{1C3D2666-D5AF-4085-B40B-64BFBF207A0B}C:\users\petr\documents\jperf\jperf-2.0.2\bin\iperf.exe] => (Allow) C:\users\petr\documents\jperf\jperf-2.0.2\bin\iperf.exe
FirewallRules: [TCP Query User{84891B7B-814A-40BA-80E1-478414A7FED5}C:\users\petr\documents\jperf\jperf-2.0.2\bin\iperf.exe] => (Allow) C:\users\petr\documents\jperf\jperf-2.0.2\bin\iperf.exe
FirewallRules: [UDP Query User{8DF2786A-8025-4145-B3CD-54A8C8641BCA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D94CE705-2FAD-4632-A8FF-82B4574F3F0B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1EFC3EEF-ACF8-4DA8-9CF6-6C4150154BDC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{FBCA39F7-2BF7-4B21-A076-3525D3A46877}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C6AA7A32-A52C-4442-9A80-F0E3851350FC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{3AE4B248-C73B-45E0-AF48-18D1A10979C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4A2B3411-A025-44AF-BF90-B701AB8B5F6D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{0D402CAC-80AE-4C5A-8C77-34B3B1616C01}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{C5D33139-72AC-4500-B093-6A2E92990749}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B03D5227-229B-4FDD-BC1C-6E10E90DECF1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{667EE370-1400-40CC-8AF5-92820F0269DA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{CC11F6C4-4944-4E4E-BA15-E0C829F9B973}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{B9FD39BD-DB8B-451E-8414-D8ACCBF53BAB}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{126BE451-1CEB-4B4E-8ACC-F1E4472EB764}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{39C45E0E-915D-4DC5-8010-852D1DC83DD9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{77F898B3-D75E-4D5A-9552-159E93BEAB0E}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{A7F10BE9-B6C2-408A-9E18-8837357CB664}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{B073174B-C8A4-4469-BDC4-D98482E4C16A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{2677A9B3-5285-4295-AD5F-7A9381B840EA}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [TCP Query User{50DEFCAB-1BFF-4CB8-AE46-F9806A14B87B}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{740230DF-ED3F-493B-81D5-4D35B136A5EB}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{F1001D95-AF11-4F4D-8CF2-DBB5A6DD5E15}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8AA18C81-C1BC-423E-BF47-85F31EDA6E5B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{1A8E3701-FBDE-43ED-AA50-54FF175AF595}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{D3E2FC77-4376-4D9D-A1E1-8259C2AE4FB7}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{4000EBBE-AB64-4AEF-8F06-3576888A7A2E}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C0369266-DE5D-4479-9F1F-D5013C50B3D7}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F5D5AF26-8323-4E76-9B8E-08C811105FF5}] => (Allow) C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2B60DCAC-7E4C-4995-BF91-CB9DB8672FE5}] => (Allow) C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{FB298D05-E300-4607-AF67-243602426E83}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{C18EEFD1-3497-4C14-80A1-801A09ED4EF8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{DD682693-56E8-4F36-8457-AF47FC7F3695}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{C5F6AC9E-23F1-45E4-B496-391FCCE597B3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{C10CFA6B-E14D-4FB8-A385-39E87E68DB2B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DFE00F2C-E2B2-4089-89D6-48DA6CAC8E8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{609CE756-BF41-48AD-9077-44D502C1CCA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{503F6768-CB5D-48B6-A41F-6AC1F9DA1AE2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AAA889AD-866D-45BB-890E-C45DBABDB78A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{35ADDB31-FF4D-4BC1-AE99-59E5D32536CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{452067E2-7819-488C-83F5-F7AE56431723}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{95F5BEDE-CAEE-46DB-B749-186F68060FCF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F6673431-D0A8-41B3-993C-C57607334BD5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/25/2017 02:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RuntimeBroker.exe, verze: 10.0.15063.0, časové razítko: 0x782fe8f8
Název chybujícího modulu: msxml3.dll, verze: 8.110.15063.483, časové razítko: 0x94f76bc9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000016ba0
ID chybujícího procesu: 0x1664
Čas spuštění chybující aplikace: 0x01d34d9027ad7fb4
Cesta k chybující aplikaci: C:\Windows\System32\RuntimeBroker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\msxml3.dll
ID zprávy: 26af6f72-3d88-42c4-9d32-7840c5ddc967
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/25/2017 02:57:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PECINI)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/25/2017 02:52:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PECINI)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/25/2017 11:52:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_wuauserv, verze: 10.0.15063.0, časové razítko: 0x02799ef5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.15063.674, časové razítko: 0x93d2100b
Kód výjimky: 0xc06d007e
Posun chyby: 0x0000000000069e08
ID chybujícího procesu: 0x1b10
Čas spuštění chybující aplikace: 0x01d34d7665057a0b
Cesta k chybující aplikaci: c:\windows\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d13c9d79-2a5e-42c1-a06d-3d18862f002c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/25/2017 11:47:51 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: Pecini)
Description: C:\Users\Helca\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalStateMicrosoft.SkypeApp_kzf8qxf38zg5c-2147024894
Error: (10/25/2017 11:47:46 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: Pecini)
Description: C:\Users\Helca\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalStateMicrosoft.SkypeApp_kzf8qxf38zg5c-2147024894
Error: (10/25/2017 11:47:46 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: Pecini)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c3
Error: (10/25/2017 11:47:46 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: Pecini)
Description: C:\Users\Helca\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalStateMicrosoft.SkypeApp_kzf8qxf38zg5c-2147024894
Error: (10/25/2017 11:47:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pecini)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/25/2017 11:39:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.exe, verze: 10.0.15063.674, časové razítko: 0xd8364343
Název chybujícího modulu: twinui.dll, verze: 10.0.15063.674, časové razítko: 0xdf077cb4
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000016940e
ID chybujícího procesu: 0x318
Čas spuštění chybující aplikace: 0x01d34d75378c14f2
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\twinui.dll
ID zprávy: 87b9fd74-1d5c-4e7f-9c9f-390011f621a4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/25/2017 03:05:41 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.
Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.
Error: (10/25/2017 03:02:32 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 03:02:29 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 03:02:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {4991D34B-80A1-4291-83B6-3328366B9097} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/25/2017 03:02:26 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 03:00:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (10/25/2017 02:58:25 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 02:58:22 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 02:58:19 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/25/2017 02:58:16 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
CodeIntegrity:
===================================
Date: 2017-10-25 11:38:59.868
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-25 11:38:52.581
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-25 11:35:13.977
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-25 11:35:13.974
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-25 11:31:34.806
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-25 11:31:34.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-25 11:25:49.875
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-25 11:25:49.872
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-24 22:26:45.174
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-24 22:26:45.171
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G645 @ 2.90GHz
Percentage of memory in use: 47%
Total physical RAM: 3963.09 MB
Available physical RAM: 2100.35 MB
Total Virtual: 7931.09 MB
Available Virtual: 6153.65 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:453.26 GB) (Free:293.86 GB) NTFS
Drive d: (DATA) (Fixed) (Total:454.61 GB) (Free:57.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8CB33117)
Partition: GPT.
==================== End of Addition.txt ============================
Re: Requesting a check
I just noticed that huge chunk of data on the desktop. A folder with video ended up there by mistake. It's gone now.
Re: Requesting a check
Uninstall YTD Video Downloader 5.8.4
Please try scanning this file at www.virustotal.com
- if the file has already been scanned, choose Reanalyse.
C:\WINDOWS\system32\Drivers\lpsport.sys.150865855217102.150865988803102
On the desktop, where you have FRST, create a TXT file named fixlist.txt and paste the following text into it:
(Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.)
start
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
CHR HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} hxxp://89.203.138.111:8080/IPCamPluginTM.cab
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kyz391a5.default-1508529397810 [not found] <==== ATTENTION
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
Task: {09FB8A7A-8681-444A-BF74-3D27EBCDDA28} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0FF9D007-93C3-4469-A9B0-E299B4D56392} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {123CC8D2-6D50-49BC-B805-50B9935E9C47} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {25C9E947-05FC-4B17-B521-14A27865D9B6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {45C40D6F-BF4D-47CC-8A84-5FDCDF218469} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {51F7B20C-66C6-44BE-BE25-7E3350F035DE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7AD1D654-3E77-4DA7-97A0-4AF8D8000C16} - \WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1001 -> No File <==== ATTENTION
Task: {847CE5C8-D2AF-44F6-9F3E-CD52500F4822} - \WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1002 -> No File <==== ATTENTION
Task: {85673B63-7DEB-4D66-AAFF-A3A24AA49312} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8DEE5022-C7A3-47D9-84CC-7DA577D369B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9CA1161E-73F0-49D6-AF65-806654E1B6AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A75D4144-A587-44F4-B878-E1ECDFDFC30F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {C8E7E803-9D5E-4F4A-9E3F-F9DFAE662228} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EFB6C75E-FF02-4B50-A564-E46D6B85E572} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FFE96A99-F8DC-434D-B86B-E41DBD3FB1A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Shortcut: C:\Users\Petr\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Classes\.scr: AutoCADScriptFile =>
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
end
Re: Requesting a check
I'm sending the log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2017-10-24 22:55:04
Microsoft Windows 10 Home
System drive C: has 295 GB (64%) free of 464 GB
Total RAM: 3963 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:06, on 24.10.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMMON] "C:\Program Files (x86)\IM Magician\Vicamon.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} (IPCamPluginTM Control) - http://89.203.138.111:8080/IPCamPluginTM.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11781 bytes
======Listing Processes======
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\system32\DbxSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
dashost.exe {4fc89163-a427-48fb-aa4e16ec3e055f7e}
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
c:\windows\system32\svchost.exe -k netsvcs -s BITS
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\WINDOWS\System32\igfxtray.exe"
"C:\WINDOWS\System32\hkcmd.exe"
"C:\WINDOWS\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
taskhostw.exe
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x1f0,0x1f4,0x1f8,0x1ec,0x1fc,0x7ffd3d7d1988,0x7ffd3d7d1948,0x7ffd3d7d1958
C:\Windows\System32\InstallAgent.exe -Embedding
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2692 --on-initialized-event-handle=680 --parent-handle=684 /prefetch:6
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,23,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4459 --gpu-driver-date=5-19-2016 --service-request-channel-token=08CDA75533D790ECFE543C25E7738388 --mojo-platform-channel-handle=1400 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=D3FF51DF238057EF55B75EC2CCC6118C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D3FF51DF238057EF55B75EC2CCC6118C --renderer-client-id=3 --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=1AF76934459064F946E0892C68FB07D7 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1AF76934459064F946E0892C68FB07D7 --renderer-client-id=4 --mojo-platform-channel-handle=3284 /prefetch:1
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
Explorer.exe
taskhostw.exe
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -s DPS
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\svchost.exe -k LocalService -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 688 692 700 8192 696
C:\WINDOWS\System32\svchost.exe -k netsvcs -s Browser
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x4f4
"C:\Users\Petr\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15 163536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-20 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-09-05 1744688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-20 187968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-14 253344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-08-21 601168]
"OneDrive"=C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-25 1686736]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2016-04-22 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2016-04-22 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2016-04-22 356664]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2016-04-22 67896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMMON"=C:\Program Files (x86)\IM Magician\Vicamon.exe [2010-09-28 143360]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-17 3566904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2017-10-23 15:38:28 ----ASH---- C:\pagefile.sys
2017-10-22 10:11:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-10-22 09:46:32 ----D---- C:\ProgramData\SWCUTemp
2017-10-21 22:36:19 ----ASH---- C:\tmpgfile.sys
2017-10-21 21:58:12 ----D---- C:\$Windows.~BT
2017-10-21 21:57:46 ----HD---- C:\$SysReset
2017-10-21 21:51:05 ----ASH---- C:\hiberfil.sys
2017-10-19 10:16:06 ----D---- C:\WINDOWS\Minidump
2017-10-19 08:43:40 ----D---- C:\Users\Petr\AppData\Roaming\audacity
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2017-10-13 19:40:39 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-10-13 19:32:01 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-10-13 19:32:01 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-13 19:32:00 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-10-13 19:31:59 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-10-13 19:31:58 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-10-13 19:31:55 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2017-10-13 19:31:52 ----RA---- C:\WINDOWS\SYSWOW64\icuuc.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\cipher.exe
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\mgmtapi.dll
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2017-10-13 19:31:49 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-10-13 19:31:49 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-13 19:31:48 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-13 19:31:47 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-10-13 19:31:47 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-10-13 19:31:46 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\UserDataService.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\fveui.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\bdesvc.dll
2017-10-13 19:31:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-10-13 19:31:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2017-10-13 19:31:38 ----A---- C:\WINDOWS\system32\manage-bde.exe
2017-10-13 19:31:36 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-13 19:31:36 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-13 19:31:35 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-10-13 19:31:35 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-13 19:31:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\lsass.exe
2017-10-13 19:31:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-10-13 19:31:32 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-10-13 19:31:31 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-10-13 19:31:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-10-13 19:31:28 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\sspisrv.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\sspicli.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\fvewiz.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\fvecpl.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\wer.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-13 19:31:24 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-13 19:31:24 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-10-13 19:31:22 ----A---- C:\WINDOWS\system32\winresume.exe
2017-10-13 19:31:22 ----A---- C:\WINDOWS\system32\winload.exe
2017-10-13 19:31:21 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-10-13 19:31:21 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-10-13 19:31:19 ----A---- C:\WINDOWS\system32\eShims.dll
2017-10-13 19:31:19 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-13 19:31:18 ----A---- C:\WINDOWS\system32\wscsvc.dll
2017-10-13 19:31:18 ----A---- C:\WINDOWS\system32\rpchttp.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\wups.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\usocore.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\efscore.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\msftedit.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\msIso.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-10-13 19:31:13 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-13 19:31:13 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-10-13 19:31:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-13 19:31:10 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-13 19:31:10 ----A---- C:\WINDOWS\explorer.exe
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\quartz.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\user32.dll
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-13 19:31:04 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:31:03 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-10-13 19:31:02 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-10-13 19:31:00 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-10-13 19:30:59 ----A---- C:\WINDOWS\system32\fveapi.dll
2017-10-13 19:30:57 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-13 19:30:57 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2017-10-13 19:30:55 ----RA---- C:\WINDOWS\system32\icuuc.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\resutils.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\clusapi.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\advapi32.dll
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\fveapibase.dll
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\easinvoker.exe
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\usoapi.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\twinapi.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\webio.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\Robocopy.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\regsvc.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\efssvc.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\cipher.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-05 20:39:27 ----D---- C:\Users\Petr\AppData\Roaming\Solvusoft
2017-10-05 20:36:29 ----D---- C:\ProgramData\Solvusoft
======List of files/folders modified in the last 1 month======
2017-10-24 22:55:05 ----D---- C:\Program Files\trend micro
2017-10-24 22:54:23 ----D---- C:\WINDOWS\Temp
2017-10-24 22:53:06 ----D---- C:\WINDOWS\Prefetch
2017-10-24 22:36:46 ----D---- C:\WINDOWS\system32\drivers
2017-10-24 22:35:34 ----D---- C:\WINDOWS\system32\sru
2017-10-24 22:35:17 ----SHD---- C:\System Volume Information
2017-10-24 22:28:06 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-10-24 22:25:45 ----D---- C:\WINDOWS\System32
2017-10-24 22:25:43 ----D---- C:\WINDOWS
2017-10-23 16:08:26 ----RD---- C:\WINDOWS\Microsoft.NET
2017-10-23 15:42:32 ----D---- C:\WINDOWS\system32\SleepStudy
2017-10-23 15:39:37 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-10-22 10:29:23 ----D---- C:\WINDOWS\system32\config
2017-10-22 10:11:26 ----D---- C:\WINDOWS\system32\Tasks
2017-10-22 09:49:19 ----D---- C:\ProgramData\AVAST Software
2017-10-22 09:46:32 ----HD---- C:\ProgramData
2017-10-21 23:16:55 ----A---- C:\WINDOWS\SMSS-PFRO86b4.tmp
2017-10-21 23:12:17 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2017-10-21 23:07:06 ----D---- C:\WINDOWS\Logs
2017-10-21 23:07:00 ----SHD---- C:\Recovery
2017-10-21 14:53:03 ----SHD---- C:\WINDOWS\Installer
2017-10-21 14:52:07 ----D---- C:\WINDOWS\SysWOW64
2017-10-21 14:52:06 ----D---- C:\WINDOWS\Tasks
2017-10-21 14:52:06 ----D---- C:\WINDOWS\AppReadiness
2017-10-21 14:52:05 ----RD---- C:\Program Files (x86)\Skype
2017-10-21 14:52:05 ----RD---- C:\Program Files
2017-10-21 14:52:05 ----D---- C:\Program Files (x86)\Java
2017-10-21 14:52:05 ----AD---- C:\Program Files\Bonjour
2017-10-21 14:52:04 ----RD---- C:\Program Files (x86)
2017-10-21 14:52:04 ----D---- C:\Program Files (x86)\GreenTree Applications
2017-10-21 14:52:04 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 14:52:04 ----AD---- C:\Program Files (x86)\Bonjour
2017-10-21 14:48:23 ----D---- C:\WINDOWS\system32\wbem
2017-10-21 14:47:50 ----HD---- C:\Program Files\WindowsApps
2017-10-21 14:39:10 ----D---- C:\WINDOWS\registration
2017-10-21 14:38:53 ----D---- C:\ProgramData\Oracle
2017-10-21 13:00:07 ----D---- C:\WINDOWS\system32\WDI
2017-10-21 09:13:35 ----D---- C:\WINDOWS\system32\catroot2
2017-10-21 09:13:15 ----D---- C:\WINDOWS\CbsTemp
2017-10-21 09:12:04 ----D---- C:\WINDOWS\WinSxS
2017-10-20 22:03:15 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-10-20 21:31:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-20 21:11:31 ----D---- C:\AdwCleaner
2017-10-20 21:02:18 ----SHD---- C:\Config.Msi
2017-10-20 21:01:52 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-10-20 19:29:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-20 18:58:23 ----RD---- C:\WINDOWS\assembly
2017-10-20 18:24:41 ----D---- C:\Program Files (x86)\Dropbox
2017-10-19 11:47:13 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-19 11:45:53 ----AD---- C:\Program Files\Microsoft Office 15
2017-10-19 10:18:09 ----D---- C:\WINDOWS\LiveKernelReports
2017-10-19 08:37:56 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2017-10-17 21:09:07 ----D---- C:\WINDOWS\INF
2017-10-17 15:38:52 ----D---- C:\WINDOWS\system32\Macromed
2017-10-17 15:38:50 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-10-16 13:59:10 ----D---- C:\WINDOWS\system32\DriverStore
2017-10-15 06:36:34 ----D---- C:\WINDOWS\rescache
2017-10-15 06:24:14 ----A---- C:\WINDOWS\SMSS-PFRO789b.tmp
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\en-US
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\cs-CZ
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\Boot
2017-10-13 21:12:21 ----D---- C:\WINDOWS\ShellExperiences
2017-10-13 21:12:21 ----D---- C:\WINDOWS\Provisioning
2017-10-13 21:11:57 ----A---- C:\WINDOWS\SYSWOW64\msclmd.dll
2017-10-13 21:11:57 ----A---- C:\WINDOWS\system32\msclmd.dll
2017-10-13 21:09:39 ----AD---- C:\Program Files (x86)\TeamViewer
2017-10-13 19:45:05 ----D---- C:\WINDOWS\system32\MRT
2017-10-13 19:40:33 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-10-13 02:21:46 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-10-06 18:28:18 ----SD---- C:\ProgramData\Microsoft
2017-10-05 20:30:52 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-10-13 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-10-13 343288]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-10-13 57736]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-10-14 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-10-14 363440]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-10-13 321032]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-10-14 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-10-13 1020536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-10-14 587168]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 MpKsl0266b75c;MpKsl0266b75c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD472C52-2C47-4CCB-94BA-6B84668B6356}\MpKsl0266b75c.sys [2017-10-23 58120]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-08-02 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-08-02 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-08-02 62776]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-10-14 147776]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-10-14 201352]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 e1cexpress;@oem14.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 IntcDAud;@oem72.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RSUSBSTOR;@oem49.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-10-14 47008]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-10-16 16088]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-13 281416]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-01-24 2615368]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_4b01c;Uživatelská služba platformy připojených zařízení_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-09-05 3058416]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2017-10-17 51016]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 OneSyncSvc_4b01c;Hostitel synchronizace_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-10-13 7446024]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-17 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_4b01c;Tok zařízení_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-03 1030600]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_4b01c;Služba zasílání zpráv_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-03 159960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc_4b01c;Data kontaktů_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-03-18 302592]
S4 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-02-09 347200]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-20 194000]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
-----------------EOF-----------------
======Listing Processes======
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\system32\DbxSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
dashost.exe {4fc89163-a427-48fb-aa4e16ec3e055f7e}
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
c:\windows\system32\svchost.exe -k netsvcs -s BITS
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\WINDOWS\System32\igfxtray.exe"
"C:\WINDOWS\System32\hkcmd.exe"
"C:\WINDOWS\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" -Embedding
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
taskhostw.exe
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x1f0,0x1f4,0x1f8,0x1ec,0x1fc,0x7ffd3d7d1988,0x7ffd3d7d1948,0x7ffd3d7d1958
C:\Windows\System32\InstallAgent.exe -Embedding
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2692 --on-initialized-event-handle=680 --parent-handle=684 /prefetch:6
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,23,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4459 --gpu-driver-date=5-19-2016 --service-request-channel-token=08CDA75533D790ECFE543C25E7738388 --mojo-platform-channel-handle=1400 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=D3FF51DF238057EF55B75EC2CCC6118C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D3FF51DF238057EF55B75EC2CCC6118C --renderer-client-id=3 --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=1AF76934459064F946E0892C68FB07D7 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1AF76934459064F946E0892C68FB07D7 --renderer-client-id=4 --mojo-platform-channel-handle=3284 /prefetch:1
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
Explorer.exe
taskhostw.exe
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -s DPS
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\svchost.exe -k LocalService -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=1D33CA21261CAC8DDB4FB152847F8173 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1D33CA21261CAC8DDB4FB152847F8173 --renderer-client-id=16 --mojo-platform-channel-handle=3652 /prefetch:1
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,4120989097626574026,11769141386509061467,131072 --service-pipe-token=D7ED141F1A5DDDCA0A10835B9FEB1532 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D7ED141F1A5DDDCA0A10835B9FEB1532 --renderer-client-id=20 --mojo-platform-channel-handle=2672 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 688 692 700 8192 696
C:\WINDOWS\System32\svchost.exe -k netsvcs -s Browser
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x4f4
"C:\Users\Petr\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15 163536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-20 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-09-05 1744688]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-20 187968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-02 12921488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-14 253344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-08-21 601168]
"OneDrive"=C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-25 1686736]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2016-04-22 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2016-04-22 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2016-04-22 356664]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2016-04-22 67896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMMON"=C:\Program Files (x86)\IM Magician\Vicamon.exe [2010-09-28 143360]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-17 3566904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 month======
2017-10-23 15:38:28 ----ASH---- C:\pagefile.sys
2017-10-22 10:11:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-10-22 09:46:32 ----D---- C:\ProgramData\SWCUTemp
2017-10-21 22:36:19 ----ASH---- C:\tmpgfile.sys
2017-10-21 21:58:12 ----D---- C:\$Windows.~BT
2017-10-21 21:57:46 ----HD---- C:\$SysReset
2017-10-21 21:51:05 ----ASH---- C:\hiberfil.sys
2017-10-19 10:16:06 ----D---- C:\WINDOWS\Minidump
2017-10-19 08:43:40 ----D---- C:\Users\Petr\AppData\Roaming\audacity
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2017-10-17 17:48:08 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2017-10-13 19:40:39 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-10-13 19:32:07 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2017-10-13 19:32:06 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-10-13 19:32:05 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-10-13 19:32:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-10-13 19:32:03 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-13 19:32:02 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-10-13 19:32:01 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-10-13 19:32:01 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-13 19:32:00 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-10-13 19:31:59 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-10-13 19:31:58 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-10-13 19:31:57 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-10-13 19:31:56 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-10-13 19:31:55 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-10-13 19:31:54 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-10-13 19:31:53 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2017-10-13 19:31:52 ----RA---- C:\WINDOWS\SYSWOW64\icuuc.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2017-10-13 19:31:52 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-10-13 19:31:51 ----A---- C:\WINDOWS\SYSWOW64\cipher.exe
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\mgmtapi.dll
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-10-13 19:31:50 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2017-10-13 19:31:49 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-10-13 19:31:49 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-13 19:31:48 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-13 19:31:47 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-10-13 19:31:47 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-10-13 19:31:46 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-13 19:31:41 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\UserDataService.dll
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-13 19:31:40 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\fveui.dll
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-13 19:31:39 ----A---- C:\WINDOWS\system32\bdesvc.dll
2017-10-13 19:31:38 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-10-13 19:31:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2017-10-13 19:31:38 ----A---- C:\WINDOWS\system32\manage-bde.exe
2017-10-13 19:31:36 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-13 19:31:36 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-13 19:31:35 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-10-13 19:31:35 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-13 19:31:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-13 19:31:33 ----A---- C:\WINDOWS\system32\lsass.exe
2017-10-13 19:31:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-10-13 19:31:32 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-10-13 19:31:31 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-10-13 19:31:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-13 19:31:29 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-10-13 19:31:28 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\sspisrv.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\sspicli.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-13 19:31:28 ----A---- C:\WINDOWS\system32\fvewiz.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\fvecpl.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-10-13 19:31:27 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-10-13 19:31:26 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\wer.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-13 19:31:25 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-13 19:31:24 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-13 19:31:24 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-10-13 19:31:22 ----A---- C:\WINDOWS\system32\winresume.exe
2017-10-13 19:31:22 ----A---- C:\WINDOWS\system32\winload.exe
2017-10-13 19:31:21 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-10-13 19:31:21 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-10-13 19:31:19 ----A---- C:\WINDOWS\system32\eShims.dll
2017-10-13 19:31:19 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-13 19:31:18 ----A---- C:\WINDOWS\system32\wscsvc.dll
2017-10-13 19:31:18 ----A---- C:\WINDOWS\system32\rpchttp.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-13 19:31:17 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\wups.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\usocore.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\efscore.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-10-13 19:31:16 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\msftedit.dll
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-10-13 19:31:15 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\msIso.dll
2017-10-13 19:31:14 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-10-13 19:31:13 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-13 19:31:13 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-13 19:31:12 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-10-13 19:31:11 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-10-13 19:31:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-13 19:31:10 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-13 19:31:10 ----A---- C:\WINDOWS\explorer.exe
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-13 19:31:09 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\quartz.dll
2017-10-13 19:31:08 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\user32.dll
2017-10-13 19:31:07 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-10-13 19:31:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-13 19:31:05 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-13 19:31:04 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-13 19:31:03 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-10-13 19:31:02 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-13 19:31:01 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-10-13 19:31:00 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-10-13 19:30:59 ----A---- C:\WINDOWS\system32\fveapi.dll
2017-10-13 19:30:57 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-13 19:30:57 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-10-13 19:30:56 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2017-10-13 19:30:55 ----RA---- C:\WINDOWS\system32\icuuc.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\resutils.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\clusapi.dll
2017-10-13 19:30:55 ----A---- C:\WINDOWS\system32\advapi32.dll
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\fveapibase.dll
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\easinvoker.exe
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-10-13 19:30:54 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\usoapi.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\twinapi.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-13 19:30:53 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\webio.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\Robocopy.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\regsvc.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\efssvc.dll
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\cipher.exe
2017-10-13 19:30:52 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-05 20:39:27 ----D---- C:\Users\Petr\AppData\Roaming\Solvusoft
2017-10-05 20:36:29 ----D---- C:\ProgramData\Solvusoft
======List of files/folders modified in the last 1 month======
2017-10-24 22:55:05 ----D---- C:\Program Files\trend micro
2017-10-24 22:54:23 ----D---- C:\WINDOWS\Temp
2017-10-24 22:53:06 ----D---- C:\WINDOWS\Prefetch
2017-10-24 22:36:46 ----D---- C:\WINDOWS\system32\drivers
2017-10-24 22:35:34 ----D---- C:\WINDOWS\system32\sru
2017-10-24 22:35:17 ----SHD---- C:\System Volume Information
2017-10-24 22:28:06 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-10-24 22:25:45 ----D---- C:\WINDOWS\System32
2017-10-24 22:25:43 ----D---- C:\WINDOWS
2017-10-23 16:08:26 ----RD---- C:\WINDOWS\Microsoft.NET
2017-10-23 15:42:32 ----D---- C:\WINDOWS\system32\SleepStudy
2017-10-23 15:39:37 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-10-22 10:29:23 ----D---- C:\WINDOWS\system32\config
2017-10-22 10:11:26 ----D---- C:\WINDOWS\system32\Tasks
2017-10-22 09:49:19 ----D---- C:\ProgramData\AVAST Software
2017-10-22 09:46:32 ----HD---- C:\ProgramData
2017-10-21 23:16:55 ----A---- C:\WINDOWS\SMSS-PFRO86b4.tmp
2017-10-21 23:12:17 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2017-10-21 23:07:06 ----D---- C:\WINDOWS\Logs
2017-10-21 23:07:00 ----SHD---- C:\Recovery
2017-10-21 14:53:03 ----SHD---- C:\WINDOWS\Installer
2017-10-21 14:52:07 ----D---- C:\WINDOWS\SysWOW64
2017-10-21 14:52:06 ----D---- C:\WINDOWS\Tasks
2017-10-21 14:52:06 ----D---- C:\WINDOWS\AppReadiness
2017-10-21 14:52:05 ----RD---- C:\Program Files (x86)\Skype
2017-10-21 14:52:05 ----RD---- C:\Program Files
2017-10-21 14:52:05 ----D---- C:\Program Files (x86)\Java
2017-10-21 14:52:05 ----AD---- C:\Program Files\Bonjour
2017-10-21 14:52:04 ----RD---- C:\Program Files (x86)
2017-10-21 14:52:04 ----D---- C:\Program Files (x86)\GreenTree Applications
2017-10-21 14:52:04 ----D---- C:\Program Files (x86)\Common Files
2017-10-21 14:52:04 ----AD---- C:\Program Files (x86)\Bonjour
2017-10-21 14:48:23 ----D---- C:\WINDOWS\system32\wbem
2017-10-21 14:47:50 ----HD---- C:\Program Files\WindowsApps
2017-10-21 14:39:10 ----D---- C:\WINDOWS\registration
2017-10-21 14:38:53 ----D---- C:\ProgramData\Oracle
2017-10-21 13:00:07 ----D---- C:\WINDOWS\system32\WDI
2017-10-21 09:13:35 ----D---- C:\WINDOWS\system32\catroot2
2017-10-21 09:13:15 ----D---- C:\WINDOWS\CbsTemp
2017-10-21 09:12:04 ----D---- C:\WINDOWS\WinSxS
2017-10-20 22:03:15 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-10-20 21:31:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-20 21:11:31 ----D---- C:\AdwCleaner
2017-10-20 21:02:18 ----SHD---- C:\Config.Msi
2017-10-20 21:01:52 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-10-20 19:29:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-20 18:58:23 ----RD---- C:\WINDOWS\assembly
2017-10-20 18:24:41 ----D---- C:\Program Files (x86)\Dropbox
2017-10-19 11:47:13 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-19 11:45:53 ----AD---- C:\Program Files\Microsoft Office 15
2017-10-19 10:18:09 ----D---- C:\WINDOWS\LiveKernelReports
2017-10-19 08:37:56 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2017-10-17 21:09:07 ----D---- C:\WINDOWS\INF
2017-10-17 15:38:52 ----D---- C:\WINDOWS\system32\Macromed
2017-10-17 15:38:50 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-10-16 13:59:10 ----D---- C:\WINDOWS\system32\DriverStore
2017-10-15 06:36:34 ----D---- C:\WINDOWS\rescache
2017-10-15 06:24:14 ----A---- C:\WINDOWS\SMSS-PFRO789b.tmp
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-10-13 21:12:24 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\en-US
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\cs-CZ
2017-10-13 21:12:22 ----D---- C:\WINDOWS\system32\Boot
2017-10-13 21:12:21 ----D---- C:\WINDOWS\ShellExperiences
2017-10-13 21:12:21 ----D---- C:\WINDOWS\Provisioning
2017-10-13 21:11:57 ----A---- C:\WINDOWS\SYSWOW64\msclmd.dll
2017-10-13 21:11:57 ----A---- C:\WINDOWS\system32\msclmd.dll
2017-10-13 21:09:39 ----AD---- C:\Program Files (x86)\TeamViewer
2017-10-13 19:45:05 ----D---- C:\WINDOWS\system32\MRT
2017-10-13 19:40:33 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-10-13 02:21:46 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-10-06 18:28:18 ----SD---- C:\ProgramData\Microsoft
2017-10-05 20:30:52 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-10-13 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-10-13 343288]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-10-13 57736]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-10-14 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-10-14 363440]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-10-13 321032]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-10-14 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-10-13 1020536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-10-14 587168]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 MpKsl0266b75c;MpKsl0266b75c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD472C52-2C47-4CCB-94BA-6B84668B6356}\MpKsl0266b75c.sys [2017-10-23 58120]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-08-02 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-08-02 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-08-02 62776]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-10-14 147776]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-10-14 201352]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 e1cexpress;@oem14.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c63x64.sys [2012-07-12 498032]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-07-10 4083600]
R3 IntcDAud;@oem72.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RSUSBSTOR;@oem49.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-07-05 252048]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-10-14 47008]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2014-10-16 16088]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-13 281416]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-01-24 2615368]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_4b01c;Uživatelská služba platformy připojených zařízení_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-09-05 3058416]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2017-10-17 51016]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 OneSyncSvc_4b01c;Hostitel synchronizace_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-10-13 7446024]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-17 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_4b01c;Tok zařízení_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-04-03 1030600]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_4b01c;Služba zasílání zpráv_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-10-03 159960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc_4b01c;Data kontaktů_4b01c; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-03-18 302592]
S4 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-02-09 347200]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-20 194000]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
-----------------EOF-----------------
Re: Requesting a check
The file is reportedly clean: https://www.virustotal.com/#/file/9743e ... /detection
Re: Requesting a check
YTD Video Downloader 5.8.4 has been uninstalled.
Re: Requesting a check
I posted the wrong log.
Here is the correct one.
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
Ran by Petr (26-10-2017 09:35:36) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr & Helca & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
CHR HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {CAA6C3B6-662B-4D14-BB64-EADB88213BFE} hxxp://89.203.138.111:8080/IPCamPluginTM.cab
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kyz391a5.default-1508529397810 [not found] <==== ATTENTION
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
CustomCLSID: HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
Task: {09FB8A7A-8681-444A-BF74-3D27EBCDDA28} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0FF9D007-93C3-4469-A9B0-E299B4D56392} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {123CC8D2-6D50-49BC-B805-50B9935E9C47} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {25C9E947-05FC-4B17-B521-14A27865D9B6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {45C40D6F-BF4D-47CC-8A84-5FDCDF218469} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {51F7B20C-66C6-44BE-BE25-7E3350F035DE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7AD1D654-3E77-4DA7-97A0-4AF8D8000C16} - \WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1001 -> No File <==== ATTENTION
Task: {847CE5C8-D2AF-44F6-9F3E-CD52500F4822} - \WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1002 -> No File <==== ATTENTION
Task: {85673B63-7DEB-4D66-AAFF-A3A24AA49312} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8DEE5022-C7A3-47D9-84CC-7DA577D369B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9CA1161E-73F0-49D6-AF65-806654E1B6AA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A75D4144-A587-44F4-B878-E1ECDFDFC30F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {C8E7E803-9D5E-4F4A-9E3F-F9DFAE662228} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EFB6C75E-FF02-4B50-A564-E46D6B85E572} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FFE96A99-F8DC-434D-B86B-E41DBD3FB1A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Shortcut: C:\Users\Petr\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Classes\.scr: AutoCADScriptFile =>
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
end
*****************
Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\SOFTWARE\Policies\Google => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{CAA6C3B6-662B-4D14-BB64-EADB88213BFE} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{CAA6C3B6-662B-4D14-BB64-EADB88213BFE} => key removed successfully
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\h6yooc5s.default => path removed successfully
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kyz391a5.default-1508529397810 => path removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8 => key removed successfully
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1 => key removed successfully
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2 => key removed successfully
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3 => key removed successfully
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 => key removed successfully
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => key removed successfully
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => not found.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => key removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key removed successfully
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09FB8A7A-8681-444A-BF74-3D27EBCDDA28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09FB8A7A-8681-444A-BF74-3D27EBCDDA28} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FF9D007-93C3-4469-A9B0-E299B4D56392} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FF9D007-93C3-4469-A9B0-E299B4D56392} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{123CC8D2-6D50-49BC-B805-50B9935E9C47} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{123CC8D2-6D50-49BC-B805-50B9935E9C47} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25C9E947-05FC-4B17-B521-14A27865D9B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25C9E947-05FC-4B17-B521-14A27865D9B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45C40D6F-BF4D-47CC-8A84-5FDCDF218469} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45C40D6F-BF4D-47CC-8A84-5FDCDF218469} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001Core => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51F7B20C-66C6-44BE-BE25-7E3350F035DE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51F7B20C-66C6-44BE-BE25-7E3350F035DE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AD1D654-3E77-4DA7-97A0-4AF8D8000C16} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AD1D654-3E77-4DA7-97A0-4AF8D8000C16} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{847CE5C8-D2AF-44F6-9F3E-CD52500F4822} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{847CE5C8-D2AF-44F6-9F3E-CD52500F4822} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3697592394-1657936854-2325889698-1002 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85673B63-7DEB-4D66-AAFF-A3A24AA49312} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85673B63-7DEB-4D66-AAFF-A3A24AA49312} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DEE5022-C7A3-47D9-84CC-7DA577D369B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DEE5022-C7A3-47D9-84CC-7DA577D369B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CA1161E-73F0-49D6-AF65-806654E1B6AA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CA1161E-73F0-49D6-AF65-806654E1B6AA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A75D4144-A587-44F4-B878-E1ECDFDFC30F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A75D4144-A587-44F4-B878-E1ECDFDFC30F} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3697592394-1657936854-2325889698-1001UA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8E7E803-9D5E-4F4A-9E3F-F9DFAE662228} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8E7E803-9D5E-4F4A-9E3F-F9DFAE662228} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFB6C75E-FF02-4B50-A564-E46D6B85E572} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFB6C75E-FF02-4B50-A564-E46D6B85E572} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFE96A99-F8DC-434D-B86B-E41DBD3FB1A3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFE96A99-F8DC-434D-B86B-E41DBD3FB1A3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
C:\Users\Petr\Favorites\NCH Software Download Site.lnk => moved successfully
"C:\ProgramData\Reprise" => ":wupeogjxldtlfudivq`qsp`26hfm" ADS not found.
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Classes\AutoCADScriptFile => key removed successfully
HKU\S-1-5-21-3697592394-1657936854-2325889698-1001\Software\Classes\.scr => key removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\McAfee Security Scan Plus.lnk => value removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 152697315 B
Java, Flash, Steam htmlcache => 5273 B
Windows/system/drivers => 211443642 B
Edge => 259305530 B
Chrome => 397344204 B
Firefox => 221368 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7524 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 30292 B
NetworkService => 13216 B
Petr => 15438321941 B
Helca => 65770863 B
Guest => 103503 B
RecycleBin => 376567 B
EmptyTemp: => 15.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:37:15 ====
Here is the correct one.
Re: Requesting a check
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.
Then this tool, MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
- Install it and run a full scan
- Copy the log here.
Re: Requesting a check
# AdwCleaner 7.0.3.1 - Logfile created on Thu Oct 26 12:08:07 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\ProgramData\Solvusoft
Deleted: C:\Users\All Users\Solvusoft
Deleted: C:\Users\Petr\AppData\Roaming\Solvusoft
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\WinThrusterSetup.exe
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\Setup_WinThruster_2016.exe
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [2331 B] - [2016/12/4 22:22:57]
C:/AdwCleaner/AdwCleaner[C2].txt - [1545 B] - [2016/12/5 17:4:45]
C:/AdwCleaner/AdwCleaner[S1].txt - [2344 B] - [2016/12/4 22:20:4]
C:/AdwCleaner/AdwCleaner[S2].txt - [2417 B] - [2016/12/4 22:22:15]
C:/AdwCleaner/AdwCleaner[S3].txt - [1155 B] - [2015/2/1 8:13:20]
C:/AdwCleaner/AdwCleaner[S4].txt - [1726 B] - [2016/12/4 22:30:42]
C:/AdwCleaner/AdwCleaner[S5].txt - [1860 B] - [2016/12/5 17:1:28]
C:/AdwCleaner/AdwCleaner[S6].txt - [2010 B] - [2016/12/6 15:6:31]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########