Dobrý den,
prosím o kontrolu logu. Poslední dobou velké zpomalení PC, zasekávání aplikací. Děkuji
Logfile of random's system information tool 1.16 (written by random/random)
Run by Marek at 2017-12-04 17:14:34
Microsoft Windows 10 Home
System drive C: has 185 GB (65%) free of 286 GB
Total RAM: 6062 MB (11% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:15:01, on 04.12.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
C:\Program Files (x86)\iCapture\iCaptureNotificationArea.exe
C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe
C:\Program Files (x86)\Dialog MIS\doktor.EXE
C:\Program Files (x86)\Dialog MIS\MSMWS002.DLL
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32.exe
C:\Program Files (x86)\Dialog MIS\Dialog.Goblin.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32.exe
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\Program Files\trend micro\Marek_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ROGNB] "C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Marek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [STUISpeedLauncher] "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "D:\PROGRAM FILES (X86)\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify] C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Keenai Desktop.lnk = C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
O4 - Global Startup: iCapture Monitor.lnk = C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: Name Grabber.lnk = C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: cgm.brevir-1 - Unknown owner - D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
O23 - Service: cgm.ecommunication-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
O23 - Service: cgm.etrzby-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
O23 - Service: cgm.postgres - PostgreSQL Global Development Group - D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe
O23 - Service: cgm.servercore - CGM - D:\CGMSERVER\bin\core\cgm.servercore.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: HCS.MedConnect.Service - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe
O23 - Service: HCS.MEDCONNECT.SERVICEMANAGER - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: KaVo DIAGNOcam Joystick Service 4.00 - Unknown owner - C:\WINDOWS\system32\DIAGNOjoy.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\program files\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
--
End of file - 16121 bytes
====== Enumerating Processes ======
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\system32\dashost.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\system32\DIAGNOjoy.exe
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\system32\hasplms.exe -run
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
D:\CGMSERVER\bin\pgsql\bin\pg_ctl.exe
c:\windows\system32\svchost.exe -k netsvcs -s Browser
D:\CGMSERVER\bin\core\cgm.servercore.exe
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"D:\CGMSERVER\jre\bin\java.exe" -Xms50m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath="D:\CGMSERVER\logs\java.dump" -jar ..\jetty\start.jar STOP.KEY=cgm.jetty.stop STOP.PORT=12384 -Djava.io.tmpdir=..\temp\jetty
\??\C:\WINDOWS\system32\conhost.exe 0x4
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
c:\windows\system32\svchost.exe -k netsvcs -s BITS
D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s DeviceInstall
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -s seclogon
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SensorService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -s NcdAutoSetup
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
c:\windows\system32\taskhostw.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Windows\SysWOW64\UMonit64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\iCapture\iCaptureMonitor.exe" /hide
"C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe"
"C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe" -shortcut
C:\Program Files (x86)\iCapture\iCaptureNotificationArea.exe
"C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k networkservice -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
"C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe"
"C:\Program Files (x86)\Dialog MIS\doktor.EXE"
C:\Program Files (x86)\Dialog MIS\MSMWS002.DLL
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32.exe
"C:\Program Files (x86)\Dialog MIS\Dialog.Goblin.exe" PCDENT 99304
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.34.12002.0_x64__8wekyb3d8bbwe\CallsApp.exe" -ServerName:App.AppX86h4f1wzakn0578e3nh53tw85abztemz.mca
c:\windows\system32\svchost.exe -k localservice -s PhoneSvc
"C:\Program Files\WindowsApps\Microsoft.Messaging_3.34.25004.0_x64__8wekyb3d8bbwe\MessagingApplication.exe" -ServerName:x27e26f40ye031y48a6yb130yd1f20388991ax.AppX4vyq5e9tkwa75gjkqsjevyh36d6vk0pz.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17102.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\InstallAgent.exe -Embedding
C:\WINDOWS\splwow64.exe 12288
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\AUDIODG.EXE 0x6f0
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\Users\Marek\Desktop\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
C:\WINDOWS\system32\wbem\wmiprvse.exe
====== Scheduled tasks folder ======
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\ASUS InstantOn Config - C:\Program Files\ASUS\P4G\InsOnCfg.exe
C:\WINDOWS\system32\tasks\ASUS Live Update1 - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -critical
C:\WINDOWS\system32\tasks\ASUS Live Update2 - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -check
C:\WINDOWS\system32\tasks\ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ColorU - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\WINDOWS\system32\tasks\ASUS USB Charger Plus - "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\tasks\AsusVibeSchedule - "C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe" /start
C:\WINDOWS\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\EPM Preload - C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe /preload
C:\WINDOWS\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Update Checker - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Download - %systemroot%\system32\usoclient.exe StartDownload
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunCampaignManager - %windir%\System32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
=========Google Chrome=========
C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6217.911.0.5
Homepage:
default_search_provider.search_url:
C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-18 211120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-13 66176]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-06 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-06 187968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-06-22 3348712]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"UMonit64"=C:\Windows\SysWOW64\UMonit64.exe [2013-03-14 40960]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2017-03-18 20488312]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-11-08 10024624]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-03-28 1421736]
"cz.seznam.software.autoupdate"=C:\Users\Marek\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"STUISpeedLauncher"=C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [2015-02-09 411136]
"Zoner Photo Studio Autoupdate"=D:\PROGRAM FILES (X86)\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]
"Spotify"=C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe [2017-11-28 21076080]
"Spotify Web Helper"=C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-11-28 777840]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
"ROGNB"=C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [2011-09-19 466944]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-10-15 2694320]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-02-14 144696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
iCapture Monitor.lnk - C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
Name Grabber.lnk - C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Keenai Desktop.lnk - C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-12-04 17:14:34 ----D---- C:\rsit
2017-11-24 07:26:39 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_klbg.sys
2017-11-24 07:26:39 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_arkmon.sys
2017-11-20 16:12:57 ----D---- C:\Users\Marek\AppData\Roaming\Spotify
2017-11-16 12:13:44 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2017-11-16 12:13:44 ----A---- C:\WINDOWS\SYSWOW64\CertPKICmdlet.dll
2017-11-16 12:13:43 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-11-16 12:13:39 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-11-16 12:13:38 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-11-16 12:13:38 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-11-16 12:13:36 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-11-16 12:13:36 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-11-16 12:13:34 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-11-16 12:13:26 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-11-16 12:13:26 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-11-16 12:13:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-11-16 12:13:22 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-11-16 12:13:17 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2017-11-16 12:13:17 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2017-11-16 12:13:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-11-16 12:13:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-11-16 12:13:13 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-11-16 12:13:12 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-11-16 12:13:08 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-11-16 12:13:06 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2017-11-16 12:13:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-11-16 12:13:05 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2017-11-16 12:09:33 ----A---- C:\WINDOWS\system32\tquery.dll
2017-11-16 12:09:33 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-11-16 12:09:32 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 12:09:31 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 12:09:29 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-11-16 12:09:29 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2017-11-16 12:09:25 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 12:09:11 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-11-16 12:09:11 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 12:09:09 ----A---- C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 12:09:08 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\wpdshext.dll
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\wow64win.dll
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wups.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-11-16 12:08:58 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-11-16 12:08:56 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\user32.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 12:08:50 ----A---- C:\WINDOWS\system32\usocore.dll
2017-11-16 12:08:50 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\ubpm.dll
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-11-16 12:08:44 ----A---- C:\WINDOWS\system32\utcutil.dll
2017-11-16 12:08:44 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-11-16 12:08:42 ----A---- C:\WINDOWS\system32\schedsvc.dll
2017-11-16 12:08:40 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-11-16 12:08:37 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 12:08:37 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-11-16 12:08:36 ----A---- C:\WINDOWS\system32\shell32.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\jscript.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 12:08:30 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-11-16 12:08:27 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-11-16 12:08:20 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 12:08:20 ----A---- C:\WINDOWS\system32\RMapi.dll
2017-11-16 12:08:19 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-11-16 12:08:19 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-11-16 12:08:18 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 12:08:07 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 12:08:05 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 12:08:03 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-11-16 12:08:00 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 12:07:59 ----A---- C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 12:07:58 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 12:07:57 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-11-16 12:07:56 ----A---- C:\WINDOWS\system32\wmp.dll
2017-11-16 12:07:56 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\luafv.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 12:07:50 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-11-16 12:07:47 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\msIso.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-11-16 12:07:42 ----A---- C:\WINDOWS\system32\wininet.dll
2017-11-16 12:07:41 ----A---- C:\WINDOWS\system32\tzres.dll
2017-11-16 12:07:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\werui.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wer.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 12:07:28 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\drivers\Diskdump.sys
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\dcntel.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-11-16 12:07:19 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-11-16 12:07:19 ----A---- C:\WINDOWS\system32\ci.dll
2017-11-16 12:07:11 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-11-16 12:07:10 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\invagent.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\devinv.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\aitstatic.exe
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-11-16 12:06:57 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-11-16 12:06:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-11-16 12:06:56 ----A---- C:\WINDOWS\system32\pcasvc.dll
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 12:06:51 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-11-06 11:33:31 ----D---- C:\Users\Marek\AppData\Roaming\Sun
2017-11-06 11:33:23 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-64.dll
2017-11-06 11:32:23 ----D---- C:\Program Files (x86)\Java
====== List of files/folders modified in the last 1 month ======
2017-12-04 17:14:50 ----D---- C:\WINDOWS\Temp
2017-12-04 17:14:48 ----D---- C:\Program Files\trend micro
2017-12-04 17:14:41 ----D---- C:\WINDOWS\Prefetch
2017-12-04 17:12:45 ----D---- C:\Users\Marek\AppData\Roaming\AIMP
2017-12-04 17:02:57 ----D---- C:\WINDOWS\system32\SleepStudy
2017-12-04 16:56:02 ----D---- C:\WINDOWS\system32\sru
2017-12-04 16:53:54 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2017-12-04 14:18:31 ----SHD---- C:\System Volume Information
2017-12-04 13:36:38 ----AD---- C:\Program Files (x86)\Dialog MIS
2017-12-04 13:05:49 ----RD---- C:\WINDOWS\Microsoft.NET
2017-12-04 12:56:02 ----D---- C:\WINDOWS\system32\Tasks
2017-12-04 07:30:21 ----D---- C:\WINDOWS\AppReadiness
2017-12-04 07:30:19 ----HD---- C:\Program Files\WindowsApps
2017-12-04 07:18:45 ----SHDC---- C:\WINDOWS\Installer
2017-12-04 07:18:45 ----HD---- C:\Config.Msi
2017-12-01 07:31:42 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-12-01 07:31:07 ----D---- C:\Program Files (x86)\Common Files
2017-12-01 07:30:05 ----D---- C:\WINDOWS\INF
2017-12-01 07:29:39 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-12-01 07:23:04 ----D---- C:\WINDOWS\SysWOW64
2017-11-27 13:52:57 ----D---- C:\WINDOWS\system32\NDF
2017-11-24 07:26:40 ----D---- C:\WINDOWS\system32\drivers
2017-11-24 07:23:05 ----D---- C:\WINDOWS\SoftwareDistribution
2017-11-24 07:23:02 ----D---- C:\Windows
2017-11-23 11:24:19 ----D---- C:\WINDOWS\system32\config
2017-11-22 17:27:43 ----D---- C:\Program Files (x86)\Keenai Desktop
2017-11-21 17:41:52 ----D---- C:\WINDOWS\debug
2017-11-20 14:48:07 ----D---- C:\WINDOWS\WinSxS
2017-11-20 14:48:07 ----D---- C:\WINDOWS\system32\DriverStore
2017-11-20 14:43:36 ----D---- C:\WINDOWS\system32\catroot2
2017-11-20 14:28:56 ----D---- C:\WINDOWS\rescache
2017-11-20 14:25:34 ----D---- C:\WINDOWS\system32\MRT
2017-11-20 14:16:13 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-20 14:15:49 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-11-18 16:18:27 ----D---- C:\WINDOWS\System32
2017-11-18 16:18:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-18 16:13:26 ----D---- C:\WINDOWS\system32\CatRoot
2017-11-18 16:10:55 ----D---- C:\ProgramData\NVIDIA
2017-11-18 16:06:31 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\wbem
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\cs-CZ
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\appraiser
2017-11-18 16:06:22 ----D---- C:\WINDOWS\ShellExperiences
2017-11-18 16:06:22 ----D---- C:\WINDOWS\Provisioning
2017-11-18 16:06:22 ----D---- C:\WINDOWS\AppPatch
2017-11-18 16:06:22 ----D---- C:\Program Files\Windows Photo Viewer
2017-11-18 16:06:22 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-11-16 12:22:18 ----D---- C:\WINDOWS\CbsTemp
2017-11-16 07:48:02 ----HD---- C:\ProgramData
2017-11-15 08:26:07 ----RD---- C:\Program Files (x86)
2017-11-14 07:10:55 ----AD---- C:\Program Files (x86)\iCapture
2017-11-07 16:43:11 ----AD---- C:\Program Files\CCleaner
2017-11-07 16:43:03 ----D---- C:\Program Files (x86)\Google
2017-11-06 11:35:16 ----D---- C:\ProgramData\Oracle
2017-11-06 11:34:04 ----RD---- C:\Program Files
2017-11-06 11:33:11 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-11-06 11:33:10 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2017-11-05 02:40:50 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-05-03 677360]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2016-08-02 554416]
R0 klupd_KLIF_arkmon;klupd_KLIF_arkmon; C:\WINDOWS\System32\Drivers\klupd_KLIF_arkmon.sys [2017-11-24 230312]
R0 klupd_KLIF_klbg;klupd_KLIF_klbg; C:\WINDOWS\System32\Drivers\klupd_KLIF_klbg.sys [2017-11-24 107680]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 klhk;Kaspersky Lab service driver; C:\WINDOWS\system32\DRIVERS\klhk.sys [2016-08-02 422344]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2016-08-02 1005512]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2015-09-24 109200]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys [2015-09-24 205528]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2015-09-24 350552]
R2 plctrl;plctrl; \??\C:\Program Files\ASUS\P4G\plctrl.sys [2013-06-19 18232]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2015-01-30 11576]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2017-03-18 4233728]
R3 BTATH_BUS;@oem33.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-06-13 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-06-29 609992]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ETD;@oem110.inf,%PS2DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-06-22 447576]
R3 HIDSwitch;@oem98.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 kbfiltr;@oem9.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2016-08-02 191944]
R3 klupd_KLIF_kimul;klupd_KLIF_kimul; C:\WINDOWS\System32\Drivers\klupd_KLIF_kimul.sys [2017-03-18 87584]
R3 klupd_KLIF_klark;klupd_KLIF_klark; C:\WINDOWS\System32\Drivers\klupd_KLIF_klark.sys [2017-04-07 252232]
R3 klupd_KLIF_mark;klupd_KLIF_mark; C:\WINDOWS\System32\Drivers\klupd_KLIF_mark.sys [2017-02-28 164888]
R3 klupd_KLIF_mark_D0B29808;klupd_KLIF_mark_D0B29808; \??\C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\D0B29808F37C6F6373AB16B716D9A1F8\klupd_KLIF_mark.sys [2017-11-18 173144]
R3 L1C;@oem2.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-09-18 130248]
R3 NVHDA;@oem87.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-09-12 240712]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [2016-09-12 13754936]
R3 nvvad_WaveExtensible;@oem68.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2016-08-02 28792]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-07-28 105472]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-07-28 97280]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-05 130560]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-07-28 982016]
S3 CeflaHDCamLF;CeflaHDCamLF; \??\C:\Program Files (x86)\iCapture\DriverCeflaHDCam\CeflaHDCamLF.sys [2015-10-22 16864]
S3 CYUSB;@oem34.inf,%CYUSB_Description%;Cypress Generic USB Driver; C:\WINDOWS\System32\Drivers\DGC.sys [2015-05-18 55504]
S3 dg_ssudbus;@oem103.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-01-16 131712]
S3 GeneStor;@oem71.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\WINDOWS\System32\drivers\GeneStor.sys [2013-03-22 91368]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 klupd_KLIF_arkmon_53812426;klupd_KLIF_arkmon_53812426; \??\C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\53812426F96605CE7466F078BBD38A1C\klupd_KLIF_arkmon.sys [2017-11-24 230312]
S3 klupd_KLIF_klark_3D8B3598;klupd_KLIF_klark_3D8B3598; \??\C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\3D8B3598E023D2370CE01D2D1A644830\klupd_KLIF_klark.sys [2017-11-24 253192]
S3 klupd_KLIF_mark_469C0469;klupd_KLIF_mark_469C0469; \??\C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\469C046986E9CEF73A2F6234477DF3BA\klupd_KLIF_mark.sys [2017-11-24 173664]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-04-19 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-08-01 180736]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;@oem58.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-01-16 165504]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-06-19 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CDPUserSvc_a408a18;Uživatelská služba platformy připojených zařízení_a408a18; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 cgm.brevir-1;cgm.brevir-1; D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe [2017-05-15 265728]
R2 cgm.ebooking-1;cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [2017-06-15 33888]
R2 cgm.ecommunication-1;cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [2017-07-28 85088]
R2 cgm.etrzby-1;cgm.etrzby-1; D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [2017-05-19 22112]
R2 cgm.postgres;cgm.postgres; D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N cgm.postgres -D D:/CGMSERVER/data/pgsql []
R2 cgm.servercore;cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [2016-12-15 51200]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-11-22 8063664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2015-09-24 4665168]
R2 HCS.MEDCONNECT.SERVICEMANAGER;HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [2016-11-03 91648]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-05-15 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-15 169432]
R2 KaVo DIAGNOcam Joystick Service 4.00;KaVo DIAGNOcam Joystick Service 4.00; C:\WINDOWS\system32\DIAGNOjoy.exe [2016-06-13 110592]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_a408a18;Hostitel synchronizace_a408a18; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [2016-08-04 143664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-06-03 424384]
R3 PimIndexMaintenanceSvc_a408a18;Data kontaktů_a408a18; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-15 366552]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZinw12.dll
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZipm12.dll
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_a408a18;Tok zařízení_a408a18; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-03-28 1099280]
S3 HCS.MedConnect.Service;HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [2016-11-03 46080]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_a408a18;Služba zasílání zpráv_a408a18; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 Origin Client Service;Origin Client Service; D:\program files\Origin\OriginClientService.exe [2015-08-19 2007048]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-11-22 209072]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o ko logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o ko logu
Zdravím,
v první řadě odinstaluj vše od Seznam.cz
Stáhni a spusť AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Pak použij Mbam z mého podpisu a dej mi sem z něj log po odstranění nepořádku.
v první řadě odinstaluj vše od Seznam.cz
Stáhni a spusť AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Pak použij Mbam z mého podpisu a dej mi sem z něj log po odstranění nepořádku.
Re: Prosím o ko logu
Zdravím,
mám 2 problémy. Aplikace od seznamu nejdou ani pomocí Ccleaneru odinstalovat. Píše to chybu, nelze spustit soubor install.bat. Zkoušeno i přes samotná program. Další je, že při spuštění Adwcleaneru mi Windows napíší, že tento program nelze spustit na Vašem PC.
Zkoušel jsem pustit jako správce, i v režimu různé kompatibility. Nic. Díky
mám 2 problémy. Aplikace od seznamu nejdou ani pomocí Ccleaneru odinstalovat. Píše to chybu, nelze spustit soubor install.bat. Zkoušeno i přes samotná program. Další je, že při spuštění Adwcleaneru mi Windows napíší, že tento program nelze spustit na Vašem PC.
Zkoušel jsem pustit jako správce, i v režimu různé kompatibility. Nic. DíkyRe: Prosím o ko logu
Adwcleaner :
# AdwCleaner 7.0.5.0 - Logfile created on Wed Dec 06 20:05:15 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B
Deleted: C:\Users\Marek\AppData\LocalLow\Check Point Software Technologies LTD
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted: C:\Program Files (x86)\myfree codec
Deleted: C:\ProgramData\Tbccint
Deleted: C:\Users\All Users\Tbccint
Deleted: C:\Users\Marek\AppData\LocalLow\Tbccint
Deleted: C:\Users\Marek\AppData\LocalLow\PriceGong
***** [ Files ] *****
Deleted: C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Software\BS_Player_ControlBar_B
Deleted: [Key] - HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Deleted: [Key] - HKLM\SOFTWARE\Myfree Codec
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Myfree Codec
Deleted: [Key] - HKCU\Software\Myfree Codec
Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\Software\SavePass 1.1
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\SavePass 1.1
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\Software\SavePass 1.1
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{31264A33-A653-46C4-AF49-1232C59A7DA5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escort.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Software\Tbccint
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Tbccint
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Software\TbccintSearchScopes
Deleted: [Key] - HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Software\PriceGong
Deleted: [Key] - HKCU\Software\AppDataLow\Software\PriceGong
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Toolbar
Deleted: [Key] - HKCU\Software\AppDataLow\Toolbar
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
Deleted: [Key] - HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7171097f-9c9d-4466-9d70-63e42bbd0f07}
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [8657 B] - [2017/12/6 20:2:57]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Mbam :
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 06.12.17
Čas skenování: 21:17
Logovací soubor: 6f9eeb0c-dac2-11e7-821b-d850e605b24b.json
Správce: Ano
-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3427
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 15063.726)
CPU: x64
Systém souborů: NTFS
Uživatel: MAREKNB\Marek
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 320477
Zjištěné hrozby: 45
Hrozby umístěné do karantény: 45
Uplynulý čas: 11 min, 33 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 21
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1003F7F1-A9B2-43BC-BF8F-1E96B4A8CE2B}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{266685FA-9E7A-4D8D-BC68-CD6B4BE15AFD}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AFF15D4-B573-421D-B59C-54E614B77BB7}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4D566ED9-A4D4-4721-965B-6B32119F99D0}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C5C347E-B4F9-4803-8CD0-E1228A17542B}, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5CD81F28-2ACA-4BD6-8B76-1FF612B63E2B}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{644A600B-445D-461B-A4E6-34E22071ABA2}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{658A74E3-4806-4E29-B832-2642308AF386}, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6868D085-C9FB-4C36-AFA9-036DFE863730}, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68D55661-9D03-47F3-B724-C3143DCC56CF}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7171097f-9c9d-4466-9d70-63e42bbd0f07}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8DAB4E23-C575-4F75-B110-BF5FDB3511A5}, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}, Smazání při restartu, [193], [237486],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B09DF3B2-D95B-4963-AAC0-FAC836F0497B}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE9547A6-FD74-4DC6-AB52-C152CA851CAE}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EADA2868-45FD-46AA-B3F7-80EB49E9A920}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F01E5EC5-38C2-484F-94BA-5E6BB61D8DBC}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.SavePass, HKLM\SOFTWARE\WOW6432NODE\SavePass 1.1-nv, Smazání při restartu, [3195], [242554],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD432262-ACC0-427D-8AC5-18EF5268E55B}, Smazání při restartu, [193], [237508],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}, Smazání při restartu, [193], [237508],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7171097f-9c9d-4466-9d70-63e42bbd0f07}, Smazání při restartu, [193], [237510],1.0.3427
Hodnota v registru: 21
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1003F7F1-A9B2-43BC-BF8F-1E96B4A8CE2B}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{266685FA-9E7A-4D8D-BC68-CD6B4BE15AFD}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AFF15D4-B573-421D-B59C-54E614B77BB7}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4D566ED9-A4D4-4721-965B-6B32119F99D0}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C5C347E-B4F9-4803-8CD0-E1228A17542B}|APPPATH, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5CD81F28-2ACA-4BD6-8B76-1FF612B63E2B}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{644A600B-445D-461B-A4E6-34E22071ABA2}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{658A74E3-4806-4E29-B832-2642308AF386}|APPPATH, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6868D085-C9FB-4C36-AFA9-036DFE863730}|APPPATH, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68D55661-9D03-47F3-B724-C3143DCC56CF}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7171097f-9c9d-4466-9d70-63e42bbd0f07}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8DAB4E23-C575-4F75-B110-BF5FDB3511A5}|APPPATH, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}|APPNAME, Smazání při restartu, [193], [237486],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B09DF3B2-D95B-4963-AAC0-FAC836F0497B}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE9547A6-FD74-4DC6-AB52-C152CA851CAE}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EADA2868-45FD-46AA-B3F7-80EB49E9A920}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|SAVEPASS 1.1-BG.EXE, Smazání při restartu, [989], [260099],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F01E5EC5-38C2-484F-94BA-5E6BB61D8DBC}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}|APPNAME, Smazání při restartu, [193], [237508],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7171097f-9c9d-4466-9d70-63e42bbd0f07}|APPNAME, Smazání při restartu, [193], [237510],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}|APPNAME, Smazání při restartu, [193], [237508],1.0.3427
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 3
PUP.Optional.OpenCandy, C:\USERS\MAREK\DOWNLOADS\DTLITE4471-0337.EXE, Smazání při restartu, [471], [297667],1.0.3427
Trojan.Floxif, C:\USERS\MAREK\DOWNLOADS\CCSETUP533.EXE, Smazání při restartu, [5499], [436382],1.0.3427
PUP.Optional.OpenCandy, C:\USERS\MAREK\DOWNLOADS\PHOTOSCAPE-SETUP.EXE, Smazání při restartu, [471], [297667],1.0.3427
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
# AdwCleaner 7.0.5.0 - Logfile created on Wed Dec 06 20:05:15 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Users\Marek\AppData\LocalLow\BS_Player_ControlBar_B
Deleted: C:\Users\Marek\AppData\LocalLow\Check Point Software Technologies LTD
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted: C:\Program Files (x86)\myfree codec
Deleted: C:\ProgramData\Tbccint
Deleted: C:\Users\All Users\Tbccint
Deleted: C:\Users\Marek\AppData\LocalLow\Tbccint
Deleted: C:\Users\Marek\AppData\LocalLow\PriceGong
***** [ Files ] *****
Deleted: C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Software\BS_Player_ControlBar_B
Deleted: [Key] - HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Deleted: [Key] - HKLM\SOFTWARE\Myfree Codec
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Myfree Codec
Deleted: [Key] - HKCU\Software\Myfree Codec
Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\Software\SavePass 1.1
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\SavePass 1.1
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\Software\SavePass 1.1
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{31264A33-A653-46C4-AF49-1232C59A7DA5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escort.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Software\Tbccint
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Tbccint
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Software\TbccintSearchScopes
Deleted: [Key] - HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Software\PriceGong
Deleted: [Key] - HKCU\Software\AppDataLow\Software\PriceGong
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\AppDataLow\Toolbar
Deleted: [Key] - HKCU\Software\AppDataLow\Toolbar
Deleted: [Key] - HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
Deleted: [Key] - HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7171097f-9c9d-4466-9d70-63e42bbd0f07}
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [8657 B] - [2017/12/6 20:2:57]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Mbam :
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 06.12.17
Čas skenování: 21:17
Logovací soubor: 6f9eeb0c-dac2-11e7-821b-d850e605b24b.json
Správce: Ano
-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3427
Licence: Zkušební
-Systémová informace-
OS: Windows 10 (Build 15063.726)
CPU: x64
Systém souborů: NTFS
Uživatel: MAREKNB\Marek
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 320477
Zjištěné hrozby: 45
Hrozby umístěné do karantény: 45
Uplynulý čas: 11 min, 33 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 21
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1003F7F1-A9B2-43BC-BF8F-1E96B4A8CE2B}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{266685FA-9E7A-4D8D-BC68-CD6B4BE15AFD}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AFF15D4-B573-421D-B59C-54E614B77BB7}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4D566ED9-A4D4-4721-965B-6B32119F99D0}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C5C347E-B4F9-4803-8CD0-E1228A17542B}, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5CD81F28-2ACA-4BD6-8B76-1FF612B63E2B}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{644A600B-445D-461B-A4E6-34E22071ABA2}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{658A74E3-4806-4E29-B832-2642308AF386}, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6868D085-C9FB-4C36-AFA9-036DFE863730}, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68D55661-9D03-47F3-B724-C3143DCC56CF}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7171097f-9c9d-4466-9d70-63e42bbd0f07}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8DAB4E23-C575-4F75-B110-BF5FDB3511A5}, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}, Smazání při restartu, [193], [237486],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B09DF3B2-D95B-4963-AAC0-FAC836F0497B}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE9547A6-FD74-4DC6-AB52-C152CA851CAE}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EADA2868-45FD-46AA-B3F7-80EB49E9A920}, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F01E5EC5-38C2-484F-94BA-5E6BB61D8DBC}, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.SavePass, HKLM\SOFTWARE\WOW6432NODE\SavePass 1.1-nv, Smazání při restartu, [3195], [242554],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD432262-ACC0-427D-8AC5-18EF5268E55B}, Smazání při restartu, [193], [237508],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}, Smazání při restartu, [193], [237508],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7171097f-9c9d-4466-9d70-63e42bbd0f07}, Smazání při restartu, [193], [237510],1.0.3427
Hodnota v registru: 21
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1003F7F1-A9B2-43BC-BF8F-1E96B4A8CE2B}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{266685FA-9E7A-4D8D-BC68-CD6B4BE15AFD}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3AFF15D4-B573-421D-B59C-54E614B77BB7}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4D566ED9-A4D4-4721-965B-6B32119F99D0}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C5C347E-B4F9-4803-8CD0-E1228A17542B}|APPPATH, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5CD81F28-2ACA-4BD6-8B76-1FF612B63E2B}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{644A600B-445D-461B-A4E6-34E22071ABA2}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{658A74E3-4806-4E29-B832-2642308AF386}|APPPATH, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6868D085-C9FB-4C36-AFA9-036DFE863730}|APPPATH, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68D55661-9D03-47F3-B724-C3143DCC56CF}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7171097f-9c9d-4466-9d70-63e42bbd0f07}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8DAB4E23-C575-4F75-B110-BF5FDB3511A5}|APPPATH, Smazání při restartu, [8007], [443524],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}|APPNAME, Smazání při restartu, [193], [237486],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B09DF3B2-D95B-4963-AAC0-FAC836F0497B}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DE9547A6-FD74-4DC6-AB52-C152CA851CAE}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EADA2868-45FD-46AA-B3F7-80EB49E9A920}|APPNAME, Smazání při restartu, [193], [237488],1.0.3427
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|SAVEPASS 1.1-BG.EXE, Smazání při restartu, [989], [260099],1.0.3427
PUP.Optional.CrossRider, HKU\S-1-5-21-3328339923-2747926138-1126850117-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F01E5EC5-38C2-484F-94BA-5E6BB61D8DBC}|APPNAME, Smazání při restartu, [193], [237487],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}|APPNAME, Smazání při restartu, [193], [237508],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7171097f-9c9d-4466-9d70-63e42bbd0f07}|APPNAME, Smazání při restartu, [193], [237510],1.0.3427
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ad432262-acc0-427d-8ac5-18ef5268e55b}|APPNAME, Smazání při restartu, [193], [237508],1.0.3427
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 3
PUP.Optional.OpenCandy, C:\USERS\MAREK\DOWNLOADS\DTLITE4471-0337.EXE, Smazání při restartu, [471], [297667],1.0.3427
Trojan.Floxif, C:\USERS\MAREK\DOWNLOADS\CCSETUP533.EXE, Smazání při restartu, [5499], [436382],1.0.3427
PUP.Optional.OpenCandy, C:\USERS\MAREK\DOWNLOADS\PHOTOSCAPE-SETUP.EXE, Smazání při restartu, [471], [297667],1.0.3427
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Prosím o ko logu
Zdravím, přijde mi subjektivně lepší. Hlavní ukazatel byl, že při hraní hudby při otevření např. nové záložky docházelo k hlasovému zpomalování hudby. 
Teď už to nedělá. Start systému není tedy nejrychlejší, nicméně to je u takto "zanesených" oken asi normální. Přikládám log :
Logfile of random's system information tool 1.16 (written by random/random)
Run by Marek at 2017-12-08 07:20:44
Microsoft Windows 10 Home
System drive C: has 168 GB (59%) free of 286 GB
Total RAM: 6062 MB (37% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:20:48, on 08.12.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\iCapture\iCaptureNotificationArea.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Dialog MIS\doktor.EXE
C:\Program Files (x86)\Dialog MIS\MSMWS002.DLL
C:\Program Files (x86)\Dialog MIS\Dialog.Goblin.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32.exe
C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
C:\Program Files\trend micro\Marek_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ROGNB] "C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [STUISpeedLauncher] "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "D:\PROGRAM FILES (X86)\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify] C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Keenai Desktop.lnk = C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
O4 - Global Startup: iCapture Monitor.lnk = C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: Name Grabber.lnk = C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: cgm.brevir-1 - Unknown owner - D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
O23 - Service: cgm.ecommunication-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
O23 - Service: cgm.etrzby-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
O23 - Service: cgm.postgres - PostgreSQL Global Development Group - D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe
O23 - Service: cgm.servercore - CGM - D:\CGMSERVER\bin\core\cgm.servercore.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: HCS.MedConnect.Service - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe
O23 - Service: HCS.MEDCONNECT.SERVICEMANAGER - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: KaVo DIAGNOcam Joystick Service 4.00 - Unknown owner - C:\WINDOWS\system32\DIAGNOjoy.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\program files\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
--
End of file - 16148 bytes
====== Enumerating Processes ======
C:\WINDOWS\system32\winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
c:\windows\system32\svchost.exe -k netsvcs -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
c:\windows\system32\svchost.exe -k netsvcs -s Browser
C:\WINDOWS\system32\hasplms.exe -run
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\WINDOWS\system32\DIAGNOjoy.exe
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
D:\CGMSERVER\bin\pgsql\bin\pg_ctl.exe
D:\CGMSERVER\bin\core\cgm.servercore.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x428
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs -s BITS
"D:\CGMSERVER\jre\bin\java.exe" -Xms50m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath="D:\CGMSERVER\logs\java.dump" -jar ..\jetty\start.jar STOP.KEY=cgm.jetty.stop STOP.PORT=12384 -Djava.io.tmpdir=..\temp\jetty
\??\C:\WINDOWS\system32\conhost.exe 0x4
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
c:\windows\system32\svchost.exe -k netsvcs -s wlidsvc
D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\sihost.exe
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
c:\windows\system32\taskhostw.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
C:\WINDOWS\Explorer.EXE
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
"C:\Windows\SysWOW64\UMonit64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\iCapture\iCaptureMonitor.exe" /hide
"C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe"
"C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe" -shortcut
"C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Program Files (x86)\iCapture\iCaptureNotificationArea.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe"
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Marek\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Marek\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443 --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.0.69.336 --initial-client-data=0x598,0x59c,0x5a0,0x594,0x5a4,0x57eb71a4,0x57eb71b4,0x57eb71c4
"C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe"
"C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --disable-d3d11 --lang=en-US --log-file="C:\Users\Marek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.69.336 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,20,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x11e2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.6909 --gpu-driver-date=8-1-2016 --lang=en-US --log-file="C:\Users\Marek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.69.336 --service-request-channel-token=A2CA30D162054A4582F56AB41B2578C2 --mojo-platform-channel-handle=2052 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --disable-pinch --service-pipe-token=9FFAC047763B63CD0DA999444866EB2D --lang=en-US --lang=en-US --log-file="C:\Users\Marek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.69.336 --disable-spell-checking --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=9FFAC047763B63CD0DA999444866EB2D --renderer-client-id=3 --mojo-platform-channel-handle=3024 /prefetch:1
"C:\Program Files (x86)\Dialog MIS\doktor.EXE"
C:\Program Files (x86)\Dialog MIS\MSMWS002.DLL
"C:\Program Files (x86)\Dialog MIS\Dialog.Goblin.exe" PCDENT 14260
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
C:\WINDOWS\system32\compattelrunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:H+w34exgg0+uqi+r.1
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
"C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Marek\Desktop\přednáška Gustissimo 23.1.17.xlsx"
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3328339923-2747926138-1126850117-10023_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3328339923-2747926138-1126850117-10023 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 696 700 708 8192 704
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe"
"C:\Users\Marek\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\ASUS InstantOn Config - C:\Program Files\ASUS\P4G\InsOnCfg.exe
C:\WINDOWS\system32\tasks\ASUS Live Update1 - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -critical
C:\WINDOWS\system32\tasks\ASUS Live Update2 - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -check
C:\WINDOWS\system32\tasks\ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ColorU - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\WINDOWS\system32\tasks\ASUS USB Charger Plus - "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\tasks\AsusVibeSchedule - "C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe" /start
C:\WINDOWS\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\EPM Preload - C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe /preload
C:\WINDOWS\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Update Checker - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - %systemroot%\system32\MusNotification.exe LogonUpdateResults
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunCampaignManager - %windir%\System32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
=========Google Chrome=========
C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6217.911.0.5
Homepage:
default_search_provider.search_url:
C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-18 211120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-13 66176]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-06 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-06 187968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-06-22 3348712]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"UMonit64"=C:\Windows\SysWOW64\UMonit64.exe [2013-03-14 40960]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2017-03-18 20488312]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-11-08 10024624]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-03-28 1421736]
"STUISpeedLauncher"=C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [2015-02-09 411136]
"Zoner Photo Studio Autoupdate"=D:\PROGRAM FILES (X86)\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]
"Spotify"=C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe [2017-12-07 21074320]
"Spotify Web Helper"=C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-12-07 780688]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
"ROGNB"=C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [2011-09-19 466944]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-10-15 2694320]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-02-14 144696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
iCapture Monitor.lnk - C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
Name Grabber.lnk - C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Keenai Desktop.lnk - C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-12-06 21:17:08 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2017-12-06 21:16:45 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-12-06 21:16:45 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-12-06 21:16:45 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2017-12-06 21:16:23 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2017-12-06 21:16:07 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2017-12-06 21:15:50 ----D---- C:\ProgramData\Malwarebytes
2017-12-06 21:15:50 ----D---- C:\Program Files\Malwarebytes
2017-12-06 20:49:35 ----D---- C:\AdwCleaner
2017-12-06 16:07:16 ----D---- C:\Users\Marek\AppData\Roaming\TeamViewer
2017-12-04 17:14:34 ----D---- C:\rsit
2017-11-24 07:27:40 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_klark.sys
2017-11-24 07:26:39 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_mark.sys
2017-11-24 07:26:39 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_klbg.sys
2017-11-24 07:26:39 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_arkmon.sys
2017-11-20 16:12:57 ----D---- C:\Users\Marek\AppData\Roaming\Spotify
2017-11-16 12:13:44 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2017-11-16 12:13:44 ----A---- C:\WINDOWS\SYSWOW64\CertPKICmdlet.dll
2017-11-16 12:13:43 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-11-16 12:13:39 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-11-16 12:13:38 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-11-16 12:13:38 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-11-16 12:13:36 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-11-16 12:13:36 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-11-16 12:13:34 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-11-16 12:13:26 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-11-16 12:13:26 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-11-16 12:13:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-11-16 12:13:22 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-11-16 12:13:17 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2017-11-16 12:13:17 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2017-11-16 12:13:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-11-16 12:13:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-11-16 12:13:13 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-11-16 12:13:12 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-11-16 12:13:08 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-11-16 12:13:06 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2017-11-16 12:13:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-11-16 12:13:05 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2017-11-16 12:09:33 ----A---- C:\WINDOWS\system32\tquery.dll
2017-11-16 12:09:33 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-11-16 12:09:32 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 12:09:31 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 12:09:29 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-11-16 12:09:29 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2017-11-16 12:09:25 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 12:09:11 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-11-16 12:09:11 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 12:09:09 ----A---- C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 12:09:08 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\wpdshext.dll
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\wow64win.dll
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wups.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-11-16 12:08:58 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-11-16 12:08:56 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\user32.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 12:08:50 ----A---- C:\WINDOWS\system32\usocore.dll
2017-11-16 12:08:50 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\ubpm.dll
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-11-16 12:08:44 ----A---- C:\WINDOWS\system32\utcutil.dll
2017-11-16 12:08:44 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-11-16 12:08:42 ----A---- C:\WINDOWS\system32\schedsvc.dll
2017-11-16 12:08:40 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-11-16 12:08:37 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 12:08:37 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-11-16 12:08:36 ----A---- C:\WINDOWS\system32\shell32.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\jscript.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 12:08:30 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-11-16 12:08:27 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-11-16 12:08:20 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 12:08:20 ----A---- C:\WINDOWS\system32\RMapi.dll
2017-11-16 12:08:19 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-11-16 12:08:19 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-11-16 12:08:18 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 12:08:07 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 12:08:05 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 12:08:03 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-11-16 12:08:00 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 12:07:59 ----A---- C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 12:07:58 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 12:07:57 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-11-16 12:07:56 ----A---- C:\WINDOWS\system32\wmp.dll
2017-11-16 12:07:56 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\luafv.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 12:07:50 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-11-16 12:07:47 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\msIso.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-11-16 12:07:42 ----A---- C:\WINDOWS\system32\wininet.dll
2017-11-16 12:07:41 ----A---- C:\WINDOWS\system32\tzres.dll
2017-11-16 12:07:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\werui.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wer.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 12:07:28 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\drivers\Diskdump.sys
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\dcntel.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-11-16 12:07:19 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-11-16 12:07:19 ----A---- C:\WINDOWS\system32\ci.dll
2017-11-16 12:07:11 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-11-16 12:07:10 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\invagent.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\devinv.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\aitstatic.exe
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-11-16 12:06:57 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-11-16 12:06:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-11-16 12:06:56 ----A---- C:\WINDOWS\system32\pcasvc.dll
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 12:06:51 ----A---- C:\WINDOWS\system32\ClipSVC.dll
====== List of files/folders modified in the last 1 month ======
2017-12-08 07:20:47 ----D---- C:\WINDOWS\Temp
2017-12-08 07:20:46 ----D---- C:\Program Files\trend micro
2017-12-08 07:18:24 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2017-12-08 07:18:12 ----D---- C:\WINDOWS\Prefetch
2017-12-08 07:17:25 ----AD---- C:\Program Files (x86)\Dialog MIS
2017-12-08 07:15:57 ----D---- C:\WINDOWS\system32\drivers
2017-12-08 07:15:16 ----D---- C:\WINDOWS\AppReadiness
2017-12-08 07:13:10 ----D---- C:\WINDOWS\System32
2017-12-08 07:13:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-08 07:08:07 ----D---- C:\WINDOWS\SoftwareDistribution
2017-12-08 07:06:25 ----D---- C:\Windows
2017-12-08 07:06:16 ----SHD---- C:\System Volume Information
2017-12-08 07:06:05 ----D---- C:\ProgramData\NVIDIA
2017-12-07 16:15:35 ----D---- C:\WINDOWS\INF
2017-12-07 16:12:02 ----D---- C:\WINDOWS\system32\sru
2017-12-07 15:50:50 ----D---- C:\WINDOWS\system32\SleepStudy
2017-12-07 12:00:19 ----D---- C:\WINDOWS\system32\Tasks
2017-12-07 11:25:38 ----D---- C:\Users\Marek\AppData\Roaming\AIMP
2017-12-07 11:05:57 ----RD---- C:\WINDOWS\Microsoft.NET
2017-12-07 11:02:57 ----DC---- C:\WINDOWS\Panther
2017-12-07 10:30:01 ----HD---- C:\Program Files\WindowsApps
2017-12-07 10:00:18 ----D---- C:\WINDOWS\Registration
2017-12-07 09:59:24 ----HD---- C:\$WINDOWS.~BT
2017-12-06 21:15:50 ----RD---- C:\Program Files
2017-12-06 21:15:50 ----HD---- C:\ProgramData
2017-12-06 21:04:47 ----RD---- C:\Program Files (x86)
2017-12-06 20:35:57 ----D---- C:\Users\Marek\AppData\Roaming\Seznam.cz
2017-12-06 20:35:36 ----D---- C:\Program Files (x86)\Seznam.cz
2017-12-06 20:33:46 ----D---- C:\WINDOWS\Tasks
2017-12-06 20:23:48 ----D---- C:\WINDOWS\Logs
2017-12-06 20:08:11 ----D---- C:\WINDOWS\system32\config
2017-12-06 20:02:22 ----D---- C:\WINDOWS\system32\catroot2
2017-12-04 07:18:45 ----SHDC---- C:\WINDOWS\Installer
2017-12-04 07:18:45 ----HD---- C:\Config.Msi
2017-12-01 07:31:42 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-12-01 07:31:07 ----D---- C:\Program Files (x86)\Common Files
2017-12-01 07:29:39 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-12-01 07:23:04 ----D---- C:\WINDOWS\SysWOW64
2017-11-27 13:52:57 ----D---- C:\WINDOWS\system32\NDF
2017-11-22 17:27:43 ----D---- C:\Program Files (x86)\Keenai Desktop
2017-11-21 17:41:52 ----D---- C:\WINDOWS\debug
2017-11-20 14:48:07 ----D---- C:\WINDOWS\WinSxS
2017-11-20 14:48:07 ----D---- C:\WINDOWS\system32\DriverStore
2017-11-20 14:28:56 ----D---- C:\WINDOWS\rescache
2017-11-20 14:25:34 ----D---- C:\WINDOWS\system32\MRT
2017-11-20 14:16:13 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-20 14:15:49 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-11-18 16:13:26 ----D---- C:\WINDOWS\system32\CatRoot
2017-11-18 16:06:31 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\wbem
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\cs-CZ
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\appraiser
2017-11-18 16:06:22 ----D---- C:\WINDOWS\ShellExperiences
2017-11-18 16:06:22 ----D---- C:\WINDOWS\Provisioning
2017-11-18 16:06:22 ----D---- C:\WINDOWS\AppPatch
2017-11-18 16:06:22 ----D---- C:\Program Files\Windows Photo Viewer
2017-11-18 16:06:22 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-11-16 12:22:18 ----D---- C:\WINDOWS\CbsTemp
2017-11-14 07:10:55 ----AD---- C:\Program Files (x86)\iCapture
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-05-03 677360]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2016-08-02 554416]
R0 klupd_KLIF_arkmon;klupd_KLIF_arkmon; C:\WINDOWS\System32\Drivers\klupd_KLIF_arkmon.sys [2017-11-24 230312]
R0 klupd_KLIF_klbg;klupd_KLIF_klbg; C:\WINDOWS\System32\Drivers\klupd_KLIF_klbg.sys [2017-11-24 107680]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2017-12-06 253880]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-11-29 77432]
R1 klhk;Kaspersky Lab service driver; C:\WINDOWS\system32\DRIVERS\klhk.sys [2016-08-02 422344]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2016-08-02 1005512]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2015-09-24 109200]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys [2015-09-24 205528]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2015-09-24 350552]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2017-12-06 193968]
R2 plctrl;plctrl; \??\C:\Program Files\ASUS\P4G\plctrl.sys [2013-06-19 18232]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2015-01-30 11576]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2017-03-18 4233728]
R3 BTATH_BUS;@oem33.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-06-13 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-06-29 609992]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ETD;@oem110.inf,%PS2DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-06-22 447576]
R3 HIDSwitch;@oem98.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 kbfiltr;@oem9.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2016-08-02 191944]
R3 klupd_KLIF_kimul;klupd_KLIF_kimul; C:\WINDOWS\System32\Drivers\klupd_KLIF_kimul.sys [2017-03-18 87584]
R3 klupd_KLIF_klark;klupd_KLIF_klark; C:\WINDOWS\System32\Drivers\klupd_KLIF_klark.sys [2017-11-24 253192]
R3 klupd_KLIF_mark;klupd_KLIF_mark; C:\WINDOWS\System32\Drivers\klupd_KLIF_mark.sys [2017-12-06 173664]
R3 L1C;@oem2.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-09-18 130248]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2017-12-08 110016]
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [2017-12-08 46008]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2017-12-08 94144]
R3 NVHDA;@oem87.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-09-12 240712]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [2016-09-12 13754936]
R3 nvvad_WaveExtensible;@oem68.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2016-08-02 28792]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-07-28 105472]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-07-28 97280]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-05 130560]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-07-28 982016]
S3 CeflaHDCamLF;CeflaHDCamLF; \??\C:\Program Files (x86)\iCapture\DriverCeflaHDCam\CeflaHDCamLF.sys [2015-10-22 16864]
S3 CYUSB;@oem34.inf,%CYUSB_Description%;Cypress Generic USB Driver; C:\WINDOWS\System32\Drivers\DGC.sys [2015-05-18 55504]
S3 dg_ssudbus;@oem103.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-01-16 131712]
S3 GeneStor;@oem71.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\WINDOWS\System32\drivers\GeneStor.sys [2013-03-22 91368]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-04-19 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-08-01 180736]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;@oem58.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-01-16 165504]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-06-19 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CDPUserSvc_79748;Uživatelská služba platformy připojených zařízení_79748; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 cgm.brevir-1;cgm.brevir-1; D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe [2017-05-15 265728]
R2 cgm.ebooking-1;cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [2017-06-15 33888]
R2 cgm.ecommunication-1;cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [2017-07-28 85088]
R2 cgm.etrzby-1;cgm.etrzby-1; D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [2017-05-19 22112]
R2 cgm.postgres;cgm.postgres; D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N cgm.postgres -D D:/CGMSERVER/data/pgsql []
R2 cgm.servercore;cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [2016-12-15 51200]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-11-22 8063664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2015-09-24 4665168]
R2 HCS.MEDCONNECT.SERVICEMANAGER;HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [2016-11-03 91648]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-05-15 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-15 169432]
R2 KaVo DIAGNOcam Joystick Service 4.00;KaVo DIAGNOcam Joystick Service 4.00; C:\WINDOWS\system32\DIAGNOjoy.exe [2016-06-13 110592]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 6234056]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZinw12.dll
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_79748;Hostitel synchronizace_79748; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZipm12.dll
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [2016-08-04 143664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R3 PimIndexMaintenanceSvc_79748;Data kontaktů_79748; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-15 366552]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_79748;Tok zařízení_79748; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-03-28 1099280]
S3 HCS.MedConnect.Service;HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [2016-11-03 46080]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_79748;Služba zasílání zpráv_79748; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 Origin Client Service;Origin Client Service; D:\program files\Origin\OriginClientService.exe [2015-08-19 2007048]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-11-22 209072]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
Teď už to nedělá. Start systému není tedy nejrychlejší, nicméně to je u takto "zanesených" oken asi normální. Přikládám log :Logfile of random's system information tool 1.16 (written by random/random)
Run by Marek at 2017-12-08 07:20:44
Microsoft Windows 10 Home
System drive C: has 168 GB (59%) free of 286 GB
Total RAM: 6062 MB (37% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:20:48, on 08.12.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\iCapture\iCaptureNotificationArea.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Dialog MIS\doktor.EXE
C:\Program Files (x86)\Dialog MIS\MSMWS002.DLL
C:\Program Files (x86)\Dialog MIS\Dialog.Goblin.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32.exe
C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
C:\Program Files\trend micro\Marek_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ROGNB] "C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [STUISpeedLauncher] "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "D:\PROGRAM FILES (X86)\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify] C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Keenai Desktop.lnk = C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
O4 - Global Startup: iCapture Monitor.lnk = C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: Name Grabber.lnk = C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: cgm.brevir-1 - Unknown owner - D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
O23 - Service: cgm.ecommunication-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
O23 - Service: cgm.etrzby-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
O23 - Service: cgm.postgres - PostgreSQL Global Development Group - D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe
O23 - Service: cgm.servercore - CGM - D:\CGMSERVER\bin\core\cgm.servercore.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: HCS.MedConnect.Service - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe
O23 - Service: HCS.MEDCONNECT.SERVICEMANAGER - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: KaVo DIAGNOcam Joystick Service 4.00 - Unknown owner - C:\WINDOWS\system32\DIAGNOjoy.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\program files\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
--
End of file - 16148 bytes
====== Enumerating Processes ======
C:\WINDOWS\system32\winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
c:\windows\system32\svchost.exe -k netsvcs -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
c:\windows\system32\svchost.exe -k netsvcs -s Browser
C:\WINDOWS\system32\hasplms.exe -run
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\WINDOWS\system32\DIAGNOjoy.exe
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
D:\CGMSERVER\bin\pgsql\bin\pg_ctl.exe
D:\CGMSERVER\bin\core\cgm.servercore.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x428
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs -s BITS
"D:\CGMSERVER\jre\bin\java.exe" -Xms50m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath="D:\CGMSERVER\logs\java.dump" -jar ..\jetty\start.jar STOP.KEY=cgm.jetty.stop STOP.PORT=12384 -Djava.io.tmpdir=..\temp\jetty
\??\C:\WINDOWS\system32\conhost.exe 0x4
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
c:\windows\system32\svchost.exe -k netsvcs -s wlidsvc
D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe
D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\sihost.exe
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
c:\windows\system32\taskhostw.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
C:\WINDOWS\Explorer.EXE
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
"C:\Windows\SysWOW64\UMonit64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\iCapture\iCaptureMonitor.exe" /hide
"C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe"
"C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe" -shortcut
"C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Program Files (x86)\iCapture\iCaptureNotificationArea.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe"
C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Marek\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Marek\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443 --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.0.69.336 --initial-client-data=0x598,0x59c,0x5a0,0x594,0x5a4,0x57eb71a4,0x57eb71b4,0x57eb71c4
"C:\Program Files (x86)\Apteryx\Apteryx Imaging\DrSuni.exe"
"C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --disable-d3d11 --lang=en-US --log-file="C:\Users\Marek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.69.336 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,20,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x11e2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.6909 --gpu-driver-date=8-1-2016 --lang=en-US --log-file="C:\Users\Marek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.69.336 --service-request-channel-token=A2CA30D162054A4582F56AB41B2578C2 --mojo-platform-channel-handle=2052 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --disable-pinch --service-pipe-token=9FFAC047763B63CD0DA999444866EB2D --lang=en-US --lang=en-US --log-file="C:\Users\Marek\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.69.336 --disable-spell-checking --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=9FFAC047763B63CD0DA999444866EB2D --renderer-client-id=3 --mojo-platform-channel-handle=3024 /prefetch:1
"C:\Program Files (x86)\Dialog MIS\doktor.EXE"
C:\Program Files (x86)\Dialog MIS\MSMWS002.DLL
"C:\Program Files (x86)\Dialog MIS\Dialog.Goblin.exe" PCDENT 14260
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflsr32.exe
C:\Program Files (x86)\Dialog MIS\cgmassist\wkflbu32.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
D:\CGMSERVER\bin\pgsql\bin\postgres.exe
C:\WINDOWS\system32\compattelrunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:H+w34exgg0+uqi+r.1
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
"C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Marek\Desktop\přednáška Gustissimo 23.1.17.xlsx"
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3328339923-2747926138-1126850117-10023_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3328339923-2747926138-1126850117-10023 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 696 700 708 8192 704
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe"
"C:\Users\Marek\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\ASUS InstantOn Config - C:\Program Files\ASUS\P4G\InsOnCfg.exe
C:\WINDOWS\system32\tasks\ASUS Live Update1 - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -critical
C:\WINDOWS\system32\tasks\ASUS Live Update2 - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe -check
C:\WINDOWS\system32\tasks\ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ColorU - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\WINDOWS\system32\tasks\ASUS USB Charger Plus - "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\tasks\AsusVibeSchedule - "C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe" /start
C:\WINDOWS\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\EPM Preload - C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe /preload
C:\WINDOWS\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Update Checker - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - %systemroot%\system32\MusNotification.exe LogonUpdateResults
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunCampaignManager - %windir%\System32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
=========Google Chrome=========
C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6217.911.0.5
Homepage:
default_search_provider.search_url:
C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-18 211120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-13 66176]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-06 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-06 187968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-06-22 3348712]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24 1402624]
"UMonit64"=C:\Windows\SysWOW64\UMonit64.exe [2013-03-14 40960]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2017-03-18 20488312]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-11-08 10024624]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-03-28 1421736]
"STUISpeedLauncher"=C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [2015-02-09 411136]
"Zoner Photo Studio Autoupdate"=D:\PROGRAM FILES (X86)\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-08-25 27832272]
"Spotify"=C:\Users\Marek\AppData\Roaming\Spotify\Spotify.exe [2017-12-07 21074320]
"Spotify Web Helper"=C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-12-07 780688]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
"ROGNB"=C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [2011-09-19 466944]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-10-15 2694320]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2017-02-14 144696]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
iCapture Monitor.lnk - C:\Program Files (x86)\iCapture\iCaptureMonitor.exe
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
Name Grabber.lnk - C:\Program Files (x86)\Apteryx\Apteryx Imaging\Name Grabber.exe
C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Keenai Desktop.lnk - C:\Program Files (x86)\Keenai Desktop\Keenai.Desktop.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-12-06 21:17:08 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2017-12-06 21:16:45 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2017-12-06 21:16:45 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2017-12-06 21:16:45 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2017-12-06 21:16:23 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2017-12-06 21:16:07 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2017-12-06 21:15:50 ----D---- C:\ProgramData\Malwarebytes
2017-12-06 21:15:50 ----D---- C:\Program Files\Malwarebytes
2017-12-06 20:49:35 ----D---- C:\AdwCleaner
2017-12-06 16:07:16 ----D---- C:\Users\Marek\AppData\Roaming\TeamViewer
2017-12-04 17:14:34 ----D---- C:\rsit
2017-11-24 07:27:40 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_klark.sys
2017-11-24 07:26:39 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_mark.sys
2017-11-24 07:26:39 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_klbg.sys
2017-11-24 07:26:39 ----A---- C:\WINDOWS\system32\drivers\klupd_KLIF_arkmon.sys
2017-11-20 16:12:57 ----D---- C:\Users\Marek\AppData\Roaming\Spotify
2017-11-16 12:13:44 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2017-11-16 12:13:44 ----A---- C:\WINDOWS\SYSWOW64\CertPKICmdlet.dll
2017-11-16 12:13:43 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-11-16 12:13:39 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-11-16 12:13:38 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-11-16 12:13:38 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-11-16 12:13:37 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-11-16 12:13:36 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-11-16 12:13:36 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-11-16 12:13:34 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-11-16 12:13:32 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-11-16 12:13:31 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-11-16 12:13:30 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-11-16 12:13:26 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-11-16 12:13:26 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-11-16 12:13:25 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-11-16 12:13:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-11-16 12:13:22 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-11-16 12:13:17 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2017-11-16 12:13:17 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-11-16 12:13:16 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2017-11-16 12:13:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-11-16 12:13:13 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-11-16 12:13:13 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-11-16 12:13:12 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-11-16 12:13:11 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-11-16 12:13:10 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-11-16 12:13:09 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-11-16 12:13:08 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-11-16 12:13:06 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2017-11-16 12:13:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-11-16 12:13:05 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-11-16 12:13:04 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2017-11-16 12:09:33 ----A---- C:\WINDOWS\system32\tquery.dll
2017-11-16 12:09:33 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-11-16 12:09:32 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 12:09:31 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 12:09:29 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-11-16 12:09:29 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2017-11-16 12:09:25 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 12:09:11 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-11-16 12:09:11 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 12:09:09 ----A---- C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 12:09:08 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\wpdshext.dll
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\wow64win.dll
2017-11-16 12:09:06 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-11-16 12:09:05 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-11-16 12:09:04 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wups.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 12:09:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-11-16 12:08:58 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-11-16 12:08:56 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\user32.dll
2017-11-16 12:08:55 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 12:08:50 ----A---- C:\WINDOWS\system32\usocore.dll
2017-11-16 12:08:50 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\ubpm.dll
2017-11-16 12:08:49 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-11-16 12:08:44 ----A---- C:\WINDOWS\system32\utcutil.dll
2017-11-16 12:08:44 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-11-16 12:08:42 ----A---- C:\WINDOWS\system32\schedsvc.dll
2017-11-16 12:08:40 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-11-16 12:08:37 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 12:08:37 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-11-16 12:08:36 ----A---- C:\WINDOWS\system32\shell32.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 12:08:35 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\jscript.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-11-16 12:08:34 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 12:08:33 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 12:08:30 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-11-16 12:08:27 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-11-16 12:08:20 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 12:08:20 ----A---- C:\WINDOWS\system32\RMapi.dll
2017-11-16 12:08:19 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-11-16 12:08:19 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-11-16 12:08:18 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 12:08:07 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 12:08:05 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 12:08:03 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2017-11-16 12:08:01 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-11-16 12:08:00 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 12:07:59 ----A---- C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 12:07:58 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 12:07:57 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-11-16 12:07:56 ----A---- C:\WINDOWS\system32\wmp.dll
2017-11-16 12:07:56 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\luafv.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-11-16 12:07:51 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 12:07:50 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-11-16 12:07:47 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\msIso.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-11-16 12:07:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 12:07:44 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-11-16 12:07:42 ----A---- C:\WINDOWS\system32\wininet.dll
2017-11-16 12:07:41 ----A---- C:\WINDOWS\system32\tzres.dll
2017-11-16 12:07:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 12:07:32 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\werui.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\wer.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-11-16 12:07:29 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 12:07:28 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\drivers\Diskdump.sys
2017-11-16 12:07:26 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 12:07:25 ----A---- C:\WINDOWS\system32\dcntel.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-11-16 12:07:20 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-11-16 12:07:19 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-11-16 12:07:19 ----A---- C:\WINDOWS\system32\ci.dll
2017-11-16 12:07:11 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-11-16 12:07:10 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 12:07:03 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\invagent.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\devinv.dll
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\aitstatic.exe
2017-11-16 12:07:02 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-11-16 12:06:57 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-11-16 12:06:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-11-16 12:06:56 ----A---- C:\WINDOWS\system32\pcasvc.dll
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-11-16 12:06:52 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 12:06:51 ----A---- C:\WINDOWS\system32\ClipSVC.dll
====== List of files/folders modified in the last 1 month ======
2017-12-08 07:20:47 ----D---- C:\WINDOWS\Temp
2017-12-08 07:20:46 ----D---- C:\Program Files\trend micro
2017-12-08 07:18:24 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2017-12-08 07:18:12 ----D---- C:\WINDOWS\Prefetch
2017-12-08 07:17:25 ----AD---- C:\Program Files (x86)\Dialog MIS
2017-12-08 07:15:57 ----D---- C:\WINDOWS\system32\drivers
2017-12-08 07:15:16 ----D---- C:\WINDOWS\AppReadiness
2017-12-08 07:13:10 ----D---- C:\WINDOWS\System32
2017-12-08 07:13:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-08 07:08:07 ----D---- C:\WINDOWS\SoftwareDistribution
2017-12-08 07:06:25 ----D---- C:\Windows
2017-12-08 07:06:16 ----SHD---- C:\System Volume Information
2017-12-08 07:06:05 ----D---- C:\ProgramData\NVIDIA
2017-12-07 16:15:35 ----D---- C:\WINDOWS\INF
2017-12-07 16:12:02 ----D---- C:\WINDOWS\system32\sru
2017-12-07 15:50:50 ----D---- C:\WINDOWS\system32\SleepStudy
2017-12-07 12:00:19 ----D---- C:\WINDOWS\system32\Tasks
2017-12-07 11:25:38 ----D---- C:\Users\Marek\AppData\Roaming\AIMP
2017-12-07 11:05:57 ----RD---- C:\WINDOWS\Microsoft.NET
2017-12-07 11:02:57 ----DC---- C:\WINDOWS\Panther
2017-12-07 10:30:01 ----HD---- C:\Program Files\WindowsApps
2017-12-07 10:00:18 ----D---- C:\WINDOWS\Registration
2017-12-07 09:59:24 ----HD---- C:\$WINDOWS.~BT
2017-12-06 21:15:50 ----RD---- C:\Program Files
2017-12-06 21:15:50 ----HD---- C:\ProgramData
2017-12-06 21:04:47 ----RD---- C:\Program Files (x86)
2017-12-06 20:35:57 ----D---- C:\Users\Marek\AppData\Roaming\Seznam.cz
2017-12-06 20:35:36 ----D---- C:\Program Files (x86)\Seznam.cz
2017-12-06 20:33:46 ----D---- C:\WINDOWS\Tasks
2017-12-06 20:23:48 ----D---- C:\WINDOWS\Logs
2017-12-06 20:08:11 ----D---- C:\WINDOWS\system32\config
2017-12-06 20:02:22 ----D---- C:\WINDOWS\system32\catroot2
2017-12-04 07:18:45 ----SHDC---- C:\WINDOWS\Installer
2017-12-04 07:18:45 ----HD---- C:\Config.Msi
2017-12-01 07:31:42 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-12-01 07:31:07 ----D---- C:\Program Files (x86)\Common Files
2017-12-01 07:29:39 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-12-01 07:23:04 ----D---- C:\WINDOWS\SysWOW64
2017-11-27 13:52:57 ----D---- C:\WINDOWS\system32\NDF
2017-11-22 17:27:43 ----D---- C:\Program Files (x86)\Keenai Desktop
2017-11-21 17:41:52 ----D---- C:\WINDOWS\debug
2017-11-20 14:48:07 ----D---- C:\WINDOWS\WinSxS
2017-11-20 14:48:07 ----D---- C:\WINDOWS\system32\DriverStore
2017-11-20 14:28:56 ----D---- C:\WINDOWS\rescache
2017-11-20 14:25:34 ----D---- C:\WINDOWS\system32\MRT
2017-11-20 14:16:13 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-20 14:15:49 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-11-18 16:13:26 ----D---- C:\WINDOWS\system32\CatRoot
2017-11-18 16:06:31 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\wbem
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\cs-CZ
2017-11-18 16:06:26 ----D---- C:\WINDOWS\system32\appraiser
2017-11-18 16:06:22 ----D---- C:\WINDOWS\ShellExperiences
2017-11-18 16:06:22 ----D---- C:\WINDOWS\Provisioning
2017-11-18 16:06:22 ----D---- C:\WINDOWS\AppPatch
2017-11-18 16:06:22 ----D---- C:\Program Files\Windows Photo Viewer
2017-11-18 16:06:22 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-11-16 12:22:18 ----D---- C:\WINDOWS\CbsTemp
2017-11-14 07:10:55 ----AD---- C:\Program Files (x86)\iCapture
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-05-03 677360]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2016-08-02 554416]
R0 klupd_KLIF_arkmon;klupd_KLIF_arkmon; C:\WINDOWS\System32\Drivers\klupd_KLIF_arkmon.sys [2017-11-24 230312]
R0 klupd_KLIF_klbg;klupd_KLIF_klbg; C:\WINDOWS\System32\Drivers\klupd_KLIF_klbg.sys [2017-11-24 107680]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2017-12-06 253880]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-11-29 77432]
R1 klhk;Kaspersky Lab service driver; C:\WINDOWS\system32\DRIVERS\klhk.sys [2016-08-02 422344]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2016-08-02 1005512]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2015-09-24 109200]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys [2015-09-24 205528]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2015-09-24 350552]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2017-12-06 193968]
R2 plctrl;plctrl; \??\C:\Program Files\ASUS\P4G\plctrl.sys [2013-06-19 18232]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2015-01-30 11576]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2017-03-18 4233728]
R3 BTATH_BUS;@oem33.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-06-13 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-06-29 609992]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ETD;@oem110.inf,%PS2DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-06-22 447576]
R3 HIDSwitch;@oem98.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 kbfiltr;@oem9.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2016-08-02 191944]
R3 klupd_KLIF_kimul;klupd_KLIF_kimul; C:\WINDOWS\System32\Drivers\klupd_KLIF_kimul.sys [2017-03-18 87584]
R3 klupd_KLIF_klark;klupd_KLIF_klark; C:\WINDOWS\System32\Drivers\klupd_KLIF_klark.sys [2017-11-24 253192]
R3 klupd_KLIF_mark;klupd_KLIF_mark; C:\WINDOWS\System32\Drivers\klupd_KLIF_mark.sys [2017-12-06 173664]
R3 L1C;@oem2.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-09-18 130248]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2017-12-08 110016]
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [2017-12-08 46008]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2017-12-08 94144]
R3 NVHDA;@oem87.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-09-12 240712]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [2016-09-12 13754936]
R3 nvvad_WaveExtensible;@oem68.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2016-08-02 28792]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-07-28 105472]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-07-28 97280]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-05 130560]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-07-28 982016]
S3 CeflaHDCamLF;CeflaHDCamLF; \??\C:\Program Files (x86)\iCapture\DriverCeflaHDCam\CeflaHDCamLF.sys [2015-10-22 16864]
S3 CYUSB;@oem34.inf,%CYUSB_Description%;Cypress Generic USB Driver; C:\WINDOWS\System32\Drivers\DGC.sys [2015-05-18 55504]
S3 dg_ssudbus;@oem103.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-01-16 131712]
S3 GeneStor;@oem71.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\WINDOWS\System32\drivers\GeneStor.sys [2013-03-22 91368]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-04-19 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-08-01 180736]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;@oem58.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-01-16 165504]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-06-19 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CDPUserSvc_79748;Uživatelská služba platformy připojených zařízení_79748; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 cgm.brevir-1;cgm.brevir-1; D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe [2017-05-15 265728]
R2 cgm.ebooking-1;cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [2017-06-15 33888]
R2 cgm.ecommunication-1;cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [2017-07-28 85088]
R2 cgm.etrzby-1;cgm.etrzby-1; D:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [2017-05-19 22112]
R2 cgm.postgres;cgm.postgres; D:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N cgm.postgres -D D:/CGMSERVER/data/pgsql []
R2 cgm.servercore;cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [2016-12-15 51200]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-11-22 8063664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 hasplms;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2015-09-24 4665168]
R2 HCS.MEDCONNECT.SERVICEMANAGER;HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [2016-11-03 91648]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-05-15 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-05-15 169432]
R2 KaVo DIAGNOcam Joystick Service 4.00;KaVo DIAGNOcam Joystick Service 4.00; C:\WINDOWS\system32\DIAGNOjoy.exe [2016-06-13 110592]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 6234056]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZinw12.dll
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_79748;Hostitel synchronizace_79748; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\System32\HPZipm12.dll
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [2016-08-04 143664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R3 PimIndexMaintenanceSvc_79748;Data kontaktů_79748; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-15 366552]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_79748;Tok zařízení_79748; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-03-28 1099280]
S3 HCS.MedConnect.Service;HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [2016-11-03 46080]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_79748;Služba zasílání zpráv_79748; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 Origin Client Service;Origin Client Service; D:\program files\Origin\OriginClientService.exe [2015-08-19 2007048]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-11-22 209072]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
Re: Prosím o ko logu
No můžeme trochu poladit co se bude spouštět při startu PC.
Stiskni klávesy Windows + R do okna Spustit >> napiš - services.msc >> Enter. Najdi službu :
Asus Web Storage
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.
V Knihovně Plánovače úloh zakaž :
ASUS Live Update1
ASUS Live Update2
Asus Vibe Schedule
Garmin Updater
Google Update
Update Checker
Office Automatic Updates
Stiskni klávesy Windows + R do okna Spustit >> napiš - services.msc >> Enter. Najdi službu :
Asus Web Storage
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.
V Knihovně Plánovače úloh zakaž :
ASUS Live Update1
ASUS Live Update2
Asus Vibe Schedule
Garmin Updater
Google Update
Update Checker
Office Automatic Updates
Re: Prosím o ko logu
Done.
děkuji!
děkuji!
Re: Prosím o ko logu
Myslím, že lehce ano. Minimálně se mi nezastavuje hudba při spuštění jiné aplikace, či záložky v prohlížeči.
Přispějete na provoz fóra?