Nejde nainstalovat ESET

[otomar]

Dobrý den, mám (známé) potíže s instalací ESETu - celý proces instalace se na konci "vrací" a antivir se nenainstaluje. Už se zde před časem podobné problémy řešily. Momentálně se mi i zdá, že Chrome načítá některé stránky pomaleji a nemám k němu při využívání internetbankingu důvěru. Prosím o kontrolu logu


Logfile of random's system information tool 1.16 (written by random/random)
Run by Petr at 2018-06-07 20:26:20
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 84 GB (37%) free of 228 GB
Total RAM: 8077 MB (75% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:23, on 7.6.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19003)
Boot mode: Normal

Running processes:
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
C:\Program Files\trend micro\Petr_RSITx64.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Windows\System32\schtasks.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9568 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Software Informer\softinfo.exe" -service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.181 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fef3213218,0x7fef3213228,0x7fef3213238
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2364 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=B825C4334BC70C5193DB233D68CED805 --mojo-platform-channel-handle=1092 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --service-pipe-token=8FED860827404DF6082645A6D6FD0125 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=8FED860827404DF6082645A6D6FD0125 --renderer-client-id=3 --mojo-platform-channel-handle=1940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --service-pipe-token=0A03C100EAA60A5B0C1BF23483E4B19B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=0A03C100EAA60A5B0C1BF23483E4B19B --renderer-client-id=4 --mojo-platform-channel-handle=2132 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --service-pipe-token=41892EE0A012EBFDD0C5832A8401151D --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=41892EE0A012EBFDD0C5832A8401151D --renderer-client-id=5 --mojo-platform-channel-handle=2164 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --service-pipe-token=59D65C42C50FBEA91C45117F16200BE7 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=59D65C42C50FBEA91C45117F16200BE7 --renderer-client-id=6 --mojo-platform-channel-handle=2184 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --service-pipe-token=BED49482FCFC846850DAA06D24906213 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=BED49482FCFC846850DAA06D24906213 --renderer-client-id=8 --mojo-platform-channel-handle=2208 /prefetch:1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6e9e455a-e0ae-4d33-9562-247ad6676346 -SystemEventPortName:HostProcess-2ecb3132-45d4-4bd8-8535-e83dbf6534cf -IoCancelEventPortName:HostProcess-ca48f192-79dc-47f7-a401-5818cd987495 -NonStateChangingEventPortName:HostProcess-7ffdce8a-1148-4d5e-b73e-90de5a4d3f70 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a0002450-250f-4c25-bebc-e8c6376ee30b -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "D:\Bad Gastein\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --lang=cs --service-sandbox-type=utility --service-request-channel-token=F29F3E2AE77B52B7A06DA6361F3E2660 --mojo-platform-channel-handle=5712 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --lang=cs --service-sandbox-type=utility --service-request-channel-token=4D88B1A5D5E9B19A2B5480FA1490A340 --mojo-platform-channel-handle=824 --ignored=" --type=renderer " /prefetch:8
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1056,3679632321534172399,784702878040324385,131072 --service-pipe-token=78F142707B42E573B36F2BFBFCBF2CE5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=78F142707B42E573B36F2BFBFCBF2CE5 --renderer-client-id=31 --mojo-platform-channel-handle=4660 /prefetch:1
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Petr\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe -check pepperplugin
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\Windows\system32\tasks\GIGABYTE OC GURU - "C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe"
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\Windows\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\Windows\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\Windows\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\Windows\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\Windows\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1421795409 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SoftwareInformerService - "C:\Program Files\Software Informer\softinfo.exe" -service
C:\Windows\system32\tasks\{01F4AA41-4985-4874-A36B-5D9257C6778E} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGA3G8JN\TSCloudClientV2_EN_SetUp.exe" -d C:\Users\Petr\Desktop
C:\Windows\system32\tasks\{04496251-1A0F-4CD2-8707-A638E40CBFDA} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Desktop\MapSource 6.13.7\MapInstall.exe" -d "C:\Users\Petr\Desktop\MapSource 6.13.7"
C:\Windows\system32\tasks\{04788C21-A220-4C2D-9435-CEA433F12571} - C:\Windows\system32\pcalua.exe -a E:\Network\Intel\Autorun.exe -d E:\Network\Intel
C:\Windows\system32\tasks\{1A505E99-8078-46BB-A42C-459DCEE4138F} - C:\Windows\system32\pcalua.exe -a C:\Users\Petr\Desktop\winzip_12_0_cestina.exe -d C:\Users\Petr\Desktop
C:\Windows\system32\tasks\{2459CDDA-81F3-449A-B1BC-605096FF2705} - C:\Program Files\MyTourbook\mytourbook.exe
C:\Windows\system32\tasks\{29360F00-0865-4882-A421-43AC5D34EA1C} - C:\Users\Petr\Desktop\PedoMeter_W5.exe
C:\Windows\system32\tasks\{2D5576C8-9C9C-4EC7-A199-683CD8C60FBA} - D:\Office14\EXCEL.EXE
C:\Windows\system32\tasks\{31416C43-C7B0-4B13-85A8-21748A2845A1} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Desktop\MapSource 6.13.7\MapInstall.exe" -d "C:\Users\Petr\Desktop\MapSource 6.13.7"
C:\Windows\system32\tasks\{3CA172D6-E6A4-4011-8420-1FC011576CAE} - C:\Program Files (x86)\Garmin\VIRB Edit\VirbEdit.exe
C:\Windows\system32\tasks\{46FCE24A-A94A-4059-AC68-FD1CC2ADA7DA} - C:\Users\Petr\Desktop\PedoMeter_W5.exe
C:\Windows\system32\tasks\{561FFE33-2966-4016-8FE8-D12C9BCC213B} - C:\Program Files (x86)\LG Electronics\LG Bridge\LGBridge.exe
C:\Windows\system32\tasks\{58646C80-D156-488A-B321-25C6B3C8691E} - C:\Windows\system32\pcalua.exe -a C:\Users\Petr\Desktop\MapSource\Setup.exe -d C:\Users\Petr\Desktop\MapSource
C:\Windows\system32\tasks\{5897BCF3-6F1F-4390-9C29-A32CDF9D1910} - C:\Windows\system32\pcalua.exe -a E:\loader.exe -d E:\
C:\Windows\system32\tasks\{611F4D47-EED1-483B-ADB0-3A3504C88405} - C:\Program Files\MyTourbook\mytourbook.exe
C:\Windows\system32\tasks\{7ACE7626-B375-4C70-A1CE-59A09DBA5607} - D:\From P4\VoloVEm.exe
C:\Windows\system32\tasks\{92575847-A86A-4A00-B97A-259FA6FFC56B} - C:\Windows\system32\pcalua.exe -a "C:\Garmin\MapSource 6.13.7\MapSource.exe" -d "C:\Garmin\MapSource 6.13.7"
C:\Windows\system32\tasks\{A6DE8ED7-2E3B-4655-8EF1-5765E70E107E} - C:\Windows\system32\pcalua.exe -a C:\Users\Petr\Downloads\outlook-express-ms-windows-mail.exe -d C:\Users\Petr\Downloads
C:\Windows\system32\tasks\{A8C4ED21-A209-4B36-A41D-608B4E551370} - G:\DTLplus_Launcher.exe
C:\Windows\system32\tasks\{BBD68DE5-6924-4637-8144-959058E52A1D} - C:\Users\Petr\Desktop\PedoMeter_W5.exe
C:\Windows\system32\tasks\{C3D80990-8734-4EE1-B93D-891CB738446D} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Desktop\MapSource 6.13.7\MapInstall.exe" -d "C:\Users\Petr\Desktop\MapSource 6.13.7"
C:\Windows\system32\tasks\{C9A38327-C5B5-479C-AAFF-DAF011E5B11C} - C:\Program Files (x86)\GearWatchDesigner\GearWatchDesigner.exe
C:\Windows\system32\tasks\{D6EE1911-689D-4E53-8A50-F9AB2A0B3582} - C:\Program Files\MyTourbook\mytourbook.exe
C:\Windows\system32\tasks\{E06B7B61-932A-4B8F-942B-8DD20B16E9C2} - C:\Windows\system32\pcalua.exe -a C:\MapSource_6154.exe -d C:\
C:\Windows\system32\tasks\{E8E633D5-8A5A-4944-B182-9E40719BA229} - G:\DTLplus_Launcher.exe
C:\Windows\system32\tasks\{ED333A30-48A9-446F-8303-460C90EAA1FF} - C:\Windows\system32\pcalua.exe -a "D:\From P4\VoloVEm.exe" -d "D:\From P4"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2931756652-2467188594-2397017789-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapbdbdomjkkjkaonfhkkikfgjllcleb 1 Překladač Google 2.0.7
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension ahjaciijnoiaklcomgnblndopackapon 1 Identity API Scope Approval UI 1.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfogiafebfohielmmehodmfbbebbbpei 0 Keeper® Password Manager & Digital Vault 12.0.1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.3
Extension ehebfpjkmkfjlfffcmnejglggpmpgclb
Extension ekkomjfglgnfeeachhdckcbgjhfiahco 0
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension epejdmjgfibjaffbmojllapapjejipkh 1 Samsung Internet 2.2.9
Extension gbchcmhmhahfdphkhkmpfmihenigjmpp 0 Vzdálená plocha Chrome 63.0.3239.17
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gheikhdfflhlbemfmhcfpeblehemeklp 0 Planetarium 1.1.3
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.30.1
Extension gmbmikajjgmnabiglmofipeabaddhgne 1 Uložit na Disk Google 2.1.1
Extension gnanofkheadcljeljcdajphiajpomcmd 0 TypeRacer 3.1
Extension gnlacfdajilfdkeppfmeongfefcpnaie 0 Socio 1.0.1
Extension hjaooagfdhdhmbfchnkhggjmacjlacla 0 Tabs to the front! 0.2.4
Extension hmjkmjkepdijhoojdojkdfohbdgmmhki 1 Google Keep – poznámky a seznamy 3.1.18224.1199
Extension ignfpjbikbaamkhplcbcocphokmcgjcg
Extension jpcmhcelnjdmblfmjabdeclccemkghjk 1 View image 2
Extension kaafoaobjaplofpihlhbcbcjhmgnjplf 0 Sticky Password Autofill Engine 3.0.0.669
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension lbfehkoinhhcknnbdgnnmjhiladcgbol 1 Evernote Web 1.0.8
Extension ljphpjlafmmdmegmfbkacafhbegjfkkn 1 Top Eleven 2.0.0.5
Extension lneaknkopdijkpnocmklfnjbeapigfbh 1 Mapy Google 5.4.1
Extension loopacbjaigjkjdhjfkhebdhfgdmgjdc 1 Day by Day 1.8.5
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Homepage: http://www.google.cz/
default_search_provider.search_url:
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-20 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-20 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmdS.exe /launch /hide []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2018-05-15 1586008]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09 1183256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 10]
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2018-05-15 1586008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySELECT.exe]
C:\Program Files\Common Files\Bentley Shared\CONNECTION client\Bentley.Connect.Client.exe [2016-02-05 493016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSUAMain]
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SideSync]
C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [2017-05-29 12471968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
C:\Program Files\Software Informer\softinfo.exe [2015-06-26 1634304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2017-03-23 3019552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword]
C:\Program Files (x86)\Sticky Password\stpass.exe [2016-10-10 64000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HandyAndy.lnk]
C:\Program Files\Andy\HandyAndy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk]
C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe [2015-10-23 72040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 9.0 SE.lnk]
C:\PROGRA~2\COMMON~1\PANASO~1\PHOTOF~1\AUTOST~1.EXE -e C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 9.0 SE\PHOTOfunSTUDIO.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
D:\Programy\WZQKPICK.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FacebookGamesNotifier.exe.lnk]
C:\Users\Petr\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk]
C:\PROGRA~2\PASSWO~1\pwsafe.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
D:\Office14\ONENOTEM.EXE [2015-10-13 228552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-04-09 270336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Windows\System32\schtasks.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoThumbnailCache"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutorun"=158
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux5"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1

====== List of files/folders created in the last 1 month ======

2018-06-07 20:26:21 ----D---- C:\Program Files\trend micro
2018-06-07 20:26:20 ----D---- C:\rsit
2018-06-03 22:09:01 ----SHD---- C:\$RECYCLE.BIN
2018-06-03 22:00:50 ----SD---- C:\Uninstal
2018-06-03 13:26:44 ----A---- C:\Windows\system32\mshtml.dll
2018-06-03 13:26:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-06-03 13:26:43 ----A---- C:\Windows\system32\ieframe.dll
2018-06-03 13:26:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-06-03 13:26:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-06-03 13:26:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-06-03 13:26:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-06-03 13:26:42 ----A---- C:\Windows\system32\wininet.dll
2018-06-03 13:26:42 ----A---- C:\Windows\system32\win32k.sys
2018-06-03 13:26:42 ----A---- C:\Windows\system32\jscript9.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\wudriver.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\wucltux.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\wuaueng.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\winload.exe
2018-06-03 13:26:41 ----A---- C:\Windows\system32\vbscript.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\urlmon.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\TSpkg.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\srvsvc.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\rpcss.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\oleaut32.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-06-03 13:26:41 ----A---- C:\Windows\system32\msfeeds.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\jscript.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\iertutil.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-06-03 13:26:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-06-03 13:26:41 ----A---- C:\Windows\system32\drivers\srv.sys
2018-06-03 13:26:41 ----A---- C:\Windows\system32\comsvcs.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\clfs.sys
2018-06-03 13:26:41 ----A---- C:\Windows\system32\catsrvut.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\itss.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\itircl.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\hhsetup.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\hh.exe
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\wups2.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\wups.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\webcheck.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\ole32.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\ntdll.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-03 13:26:40 ----A---- C:\Windows\system32\msrating.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\mshtmled.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\jscript9diag.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\itss.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\itircl.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\ieui.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\iesetup.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\iedkcs32.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\ie4uinit.exe
2018-06-03 13:26:40 ----A---- C:\Windows\system32\hhsetup.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\hal.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\dxtrans.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\dxtmsft.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-06-03 13:26:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-06-03 13:26:40 ----A---- C:\Windows\system32\certcli.dll
2018-06-03 13:26:40 ----A---- C:\Windows\hh.exe
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\wups.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\sscore.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wuwebv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wuauclt.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wuapp.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wuapi.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wow64win.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wow64cpu.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wow64.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\winsrv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\WinSetupUI.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wdigest.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\sspisrv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\sspicli.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\sscore.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\srcore.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\srclient.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\smss.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\schannel.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\secur32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\rstrui.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\rpchttp.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\rpcrt4.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\oleres.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\occache.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ntvdm64.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ncrypt.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\msv1_0.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\lsass.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\lsasrv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\KernelBase.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\kernel32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\kerberos.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\jsproxy.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\inseng.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieUnatt.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\iernonce.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieapfltr.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\appid.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\csrsrv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\cryptbase.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\credssp.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\conhost.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\comcat.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\bcrypt.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\auditpol.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\appidsvc.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\appidapi.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\advapi32.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\user.exe
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\tzres.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\msobjs.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\msaudite.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\apisetschema.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\adtschema.dll
2018-06-02 11:55:30 ----D---- C:\Windows\temp
2018-06-02 11:55:29 ----A---- C:\CF.txt
2018-06-02 11:42:48 ----A---- C:\Windows\zip.exe
2018-06-02 11:42:48 ----A---- C:\Windows\SWSC.exe
2018-06-02 11:42:48 ----A---- C:\Windows\SWREG.exe
2018-06-02 11:42:48 ----A---- C:\Windows\sed.exe
2018-06-02 11:42:48 ----A---- C:\Windows\PEV.exe
2018-06-02 11:42:48 ----A---- C:\Windows\NIRCMD.exe
2018-06-02 11:42:48 ----A---- C:\Windows\MBR.exe
2018-06-02 11:42:48 ----A---- C:\Windows\grep.exe
2018-06-02 11:42:38 ----D---- C:\Windows\erdnt
2018-06-02 11:32:53 ----D---- C:\AdwCleaner
2018-06-02 09:01:51 ----A---- C:\Windows\system32\drivers\mbae64.sys
2018-06-02 09:01:47 ----D---- C:\Program Files\Malwarebytes
2018-06-02 09:01:42 ----D---- C:\ProgramData\MB2Migration
2018-06-02 08:46:37 ----D---- C:\ProgramData\ESET

====== List of files/folders modified in the last 1 month ======

2018-06-07 20:26:21 ----RD---- C:\Program Files
2018-06-07 20:26:15 ----D---- C:\Windows\system32\config
2018-06-07 20:22:32 ----D---- C:\ProgramData\NVIDIA
2018-06-07 20:20:17 ----D---- C:\Windows\system32\drivers
2018-06-07 20:18:43 ----D---- C:\Windows\System32
2018-06-07 20:18:43 ----D---- C:\Windows\inf
2018-06-07 20:18:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-06-06 19:47:29 ----D---- C:\Windows\rescache
2018-06-04 21:58:39 ----D---- C:\ProgramData\CanonIJPLM
2018-06-04 00:00:23 ----SHD---- C:\System Volume Information
2018-06-03 22:10:55 ----SHD---- C:\Windows\Installer
2018-06-03 22:10:55 ----D---- C:\Windows\system32\DriverStore
2018-06-03 22:06:21 ----D---- C:\Windows\winsxs
2018-06-03 22:05:29 ----D---- C:\Windows\SYSWOW64\en-US
2018-06-03 22:05:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-06-03 22:05:29 ----D---- C:\Windows\SysWOW64
2018-06-03 22:05:29 ----D---- C:\Program Files\Internet Explorer
2018-06-03 22:05:29 ----D---- C:\Program Files (x86)\Internet Explorer
2018-06-03 22:05:28 ----D---- C:\Windows\system32\en-US
2018-06-03 22:05:28 ----D---- C:\Windows\system32\drivers\en-US
2018-06-03 22:05:28 ----D---- C:\Windows\system32\cs-CZ
2018-06-03 22:05:28 ----D---- C:\Windows\system32\Boot
2018-06-03 22:05:28 ----D---- C:\Windows\AppPatch
2018-06-03 22:05:28 ----D---- C:\Windows
2018-06-03 13:25:36 ----D---- C:\Windows\system32\catroot2
2018-06-03 01:11:56 ----D---- C:\Users\Petr\AppData\Roaming\MyPhoneExplorer
2018-06-02 11:54:49 ----D---- C:\Windows\system32\Tasks
2018-06-02 11:54:44 ----D---- C:\Windows\Tasks
2018-06-02 11:54:16 ----A---- C:\Windows\system.ini
2018-06-02 11:54:12 ----D---- C:\Windows\system32\drivers\etc
2018-06-02 11:53:54 ----D---- C:\ProgramData
2018-06-02 11:52:32 ----AD---- C:\ProgramData\TEMP
2018-06-02 11:52:23 ----D---- C:\Windows\SYSWOW64\drivers
2018-06-02 11:52:22 ----D---- C:\Program Files (x86)\Common Files
2018-06-02 11:33:32 ----D---- C:\Users\Petr\AppData\Roaming\IObit
2018-06-02 11:33:32 ----D---- C:\ProgramData\IObit
2018-06-02 09:01:47 ----D---- C:\ProgramData\Malwarebytes
2018-06-02 09:01:47 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-06-02 08:57:09 ----D---- C:\Program Files\CCleaner
2018-05-25 22:52:10 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2018-05-25 19:57:15 ----D---- C:\Program Files (x86)\Opera
2018-05-18 23:40:49 ----RD---- C:\Program Files (x86)
2018-05-13 18:45:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-05-13 18:45:18 ----D---- C:\Windows\system32\Macromed
2018-05-13 18:45:17 ----D---- C:\Windows\SYSWOW64\Macromed
2018-05-10 21:16:59 ----D---- C:\Windows\Microsoft.NET
2018-05-10 21:16:46 ----RSD---- C:\Windows\assembly
2018-05-10 21:02:39 ----D---- C:\ProgramData\Microsoft Help
2018-05-10 21:02:02 ----D---- C:\Windows\system32\MRT
2018-05-10 20:59:58 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-05-10 20:59:52 ----AC---- C:\Windows\system32\MRT.exe
2018-05-10 20:57:37 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-05-04 107344]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-04-11 645480]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-04-11 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 BfLwf;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bflwfx64.sys [2013-02-13 67888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-10-20 132848]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-05-04 78192]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-05-04 60544]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-10-20 102160]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2015-10-23 27552]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-05-04 50752]
R3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2010-02-04 14376]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-31 450520]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-03-20 118272]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-11-09 233904]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-12-15 59240]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-01-10 59752]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2016-08-31 30208]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2016-08-24 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2016-08-24 37376]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\abc\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 esihdrv;esihdrv; \??\C:\Users\Petr\AppData\Local\Temp\esihdrv.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GPU-Z;GPU-Z; \??\C:\Users\Petr\AppData\Local\Temp\GPU-Z.sys []
S3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-10-25 14136]
S3 CH341SER_A64;CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [2011-11-04 58368]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-01-10 32104]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-08-13 20992]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys []
S3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys []
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-09 355232]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10 521064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-07-23 937616]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-01-10 462696]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2013-08-08 343040]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-08-25 389896]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-07-23 410952]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe []
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-04-22 116224]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10 521064]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe []
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-04-11 160448]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-03-23 1590560]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-26 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-13 272384]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

[Rudy]

Zdravím!
Jak je na tom váš oper. systém s legalitou?

[otomar]

Zdravím!
Jak je na tom váš oper. systém s legalitou?

Mám zakoupenou licenci, protože ho využívám i jako služební. Zdá se něco v nepořádku?

[Rudy]

Verzi Ultimate jen tak nenajdete na domácím PC. Je totiž proti běžné verzi Home cca 3x dražší, neboli pokud na domácím stroji vidím tuto verzi, je na 99% nelegální. Pokud je to legál, spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[otomar]

Verzi Ultimate jen tak nenajdete na domácím PC. Je totiž proti běžné verzi Home cca 3x dražší, neboli pokud na domácím stroji vidím tuto verzi, je na 99% nelegální. Pokud je to legál, spusťte tuto utilitu:

to je v pořádku, měl jsem možnost si vybrat OS dle libosti, tak jsem finance neřešil


Zde log z AdwCleaneru:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-07.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-10-2018
# Duration: 00:00:00
# OS: Windows 7 Ultimate
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2870 octets] - [02/06/2018 11:33:09]
AdwCleaner[C00].txt - [2599 octets] - [02/06/2018 11:33:34]
AdwCleaner[S01].txt - [1367 octets] - [10/06/2018 16:28:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

[Rudy]

Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
C:\Windows\AutoKMS.exe

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Proč jste 2.6. spuštěl Combofix? CF je profi utilita, která v rukou laika může spůsobit nenapravitelné škody v systému. Navíc maže stopy po malware, takže v logu RSIT nezůstane ani stopa. Moc jste mi tímto nepomohl. Dále doporučuji odinstalovat AdvancedSystemCare. Tento optimizér vidí problémy i tam kde najsou as laik si jím pak snadno poškodí systém.

[otomar]

Za ten CF se omlouvám, byl to neuvážený krok AdvancedSystemCare už nemám, zřejmě něco zůstalo v registrech...

Zde nový log z RSIT:

Logfile of random's system information tool 1.16 (written by random/random)
Run by Petr at 2018-06-10 17:47:32
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 85 GB (37%) free of 228 GB
Total RAM: 8077 MB (75% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:47:33, on 10.6.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19003)
Boot mode: Normal

Running processes:
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
C:\Program Files\trend micro\Petr_RSITx64.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Windows\System32\schtasks.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9442 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Software Informer\softinfo.exe" -service
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0e15c163-4379-48e4-869c-0102db668b6e -SystemEventPortName:HostProcess-c60767ff-a055-4a96-8f80-b98b69e365e3 -IoCancelEventPortName:HostProcess-efa02545-018a-40d3-945b-c996a6ce9215 -NonStateChangingEventPortName:HostProcess-37933f47-53d5-489c-9b61-0905e95b605c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2296e8c2-035f-48fa-9132-f623ee0ec70d -DeviceGroupId:
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petr\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.79 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fefa0a3228,0x7fefa0a3238,0x7fefa0a3248
"C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE"
"C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3504 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1064,15911824498234111030,8574115777844894810,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=2D60C3BF612EDFAB43F3759B520B546C --mojo-platform-channel-handle=1076 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,15911824498234111030,8574115777844894810,131072 --service-pipe-token=DCD0342DDE650D79D6AA02A1A0F52A8F --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=DCD0342DDE650D79D6AA02A1A0F52A8F --renderer-client-id=3 --mojo-platform-channel-handle=2052 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,15911824498234111030,8574115777844894810,131072 --service-pipe-token=A7024D4D505AC3437453B2D996FF8E25 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=A7024D4D505AC3437453B2D996FF8E25 --renderer-client-id=4 --mojo-platform-channel-handle=2112 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,15911824498234111030,8574115777844894810,131072 --service-pipe-token=4353F60DB255014DA8E801850640A922 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4353F60DB255014DA8E801850640A922 --renderer-client-id=5 --mojo-platform-channel-handle=2124 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,15911824498234111030,8574115777844894810,131072 --service-pipe-token=836ABD0B5AF0A3007A36C7AFD4AB9E1A --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=836ABD0B5AF0A3007A36C7AFD4AB9E1A --renderer-client-id=6 --mojo-platform-channel-handle=2140 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,15911824498234111030,8574115777844894810,131072 --service-pipe-token=FDBB3EC499EA1CC15414AE79F08AA3FA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=FDBB3EC499EA1CC15414AE79F08AA3FA --renderer-client-id=8 --mojo-platform-channel-handle=2712 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "D:\Bad Gastein\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,15911824498234111030,8574115777844894810,131072 --service-pipe-token=BE79AB6A5532842D133A1F842499979D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=BE79AB6A5532842D133A1F842499979D --renderer-client-id=19 --mojo-platform-channel-handle=5344 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1064,15911824498234111030,8574115777844894810,131072 --service-pipe-token=6C3D45C86EA46E732DEDDFE137FF168B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6C3D45C86EA46E732DEDDFE137FF168B --renderer-client-id=20 --mojo-platform-channel-handle=4968 /prefetch:1
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Petr\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe -check pepperplugin
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\Windows\system32\tasks\GIGABYTE OC GURU - "C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe"
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\Windows\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\Windows\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\Windows\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\Windows\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\Windows\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1421795409 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SoftwareInformerService - "C:\Program Files\Software Informer\softinfo.exe" -service
C:\Windows\system32\tasks\{01F4AA41-4985-4874-A36B-5D9257C6778E} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MGA3G8JN\TSCloudClientV2_EN_SetUp.exe" -d C:\Users\Petr\Desktop
C:\Windows\system32\tasks\{04496251-1A0F-4CD2-8707-A638E40CBFDA} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Desktop\MapSource 6.13.7\MapInstall.exe" -d "C:\Users\Petr\Desktop\MapSource 6.13.7"
C:\Windows\system32\tasks\{04788C21-A220-4C2D-9435-CEA433F12571} - C:\Windows\system32\pcalua.exe -a E:\Network\Intel\Autorun.exe -d E:\Network\Intel
C:\Windows\system32\tasks\{1A505E99-8078-46BB-A42C-459DCEE4138F} - C:\Windows\system32\pcalua.exe -a C:\Users\Petr\Desktop\winzip_12_0_cestina.exe -d C:\Users\Petr\Desktop
C:\Windows\system32\tasks\{2459CDDA-81F3-449A-B1BC-605096FF2705} - C:\Program Files\MyTourbook\mytourbook.exe
C:\Windows\system32\tasks\{29360F00-0865-4882-A421-43AC5D34EA1C} - C:\Users\Petr\Desktop\PedoMeter_W5.exe
C:\Windows\system32\tasks\{2D5576C8-9C9C-4EC7-A199-683CD8C60FBA} - D:\Office14\EXCEL.EXE
C:\Windows\system32\tasks\{31416C43-C7B0-4B13-85A8-21748A2845A1} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Desktop\MapSource 6.13.7\MapInstall.exe" -d "C:\Users\Petr\Desktop\MapSource 6.13.7"
C:\Windows\system32\tasks\{3CA172D6-E6A4-4011-8420-1FC011576CAE} - C:\Program Files (x86)\Garmin\VIRB Edit\VirbEdit.exe
C:\Windows\system32\tasks\{46FCE24A-A94A-4059-AC68-FD1CC2ADA7DA} - C:\Users\Petr\Desktop\PedoMeter_W5.exe
C:\Windows\system32\tasks\{561FFE33-2966-4016-8FE8-D12C9BCC213B} - C:\Program Files (x86)\LG Electronics\LG Bridge\LGBridge.exe
C:\Windows\system32\tasks\{58646C80-D156-488A-B321-25C6B3C8691E} - C:\Windows\system32\pcalua.exe -a C:\Users\Petr\Desktop\MapSource\Setup.exe -d C:\Users\Petr\Desktop\MapSource
C:\Windows\system32\tasks\{5897BCF3-6F1F-4390-9C29-A32CDF9D1910} - C:\Windows\system32\pcalua.exe -a E:\loader.exe -d E:\
C:\Windows\system32\tasks\{611F4D47-EED1-483B-ADB0-3A3504C88405} - C:\Program Files\MyTourbook\mytourbook.exe
C:\Windows\system32\tasks\{7ACE7626-B375-4C70-A1CE-59A09DBA5607} - D:\From P4\VoloVEm.exe
C:\Windows\system32\tasks\{92575847-A86A-4A00-B97A-259FA6FFC56B} - C:\Windows\system32\pcalua.exe -a "C:\Garmin\MapSource 6.13.7\MapSource.exe" -d "C:\Garmin\MapSource 6.13.7"
C:\Windows\system32\tasks\{A6DE8ED7-2E3B-4655-8EF1-5765E70E107E} - C:\Windows\system32\pcalua.exe -a C:\Users\Petr\Downloads\outlook-express-ms-windows-mail.exe -d C:\Users\Petr\Downloads
C:\Windows\system32\tasks\{A8C4ED21-A209-4B36-A41D-608B4E551370} - G:\DTLplus_Launcher.exe
C:\Windows\system32\tasks\{BBD68DE5-6924-4637-8144-959058E52A1D} - C:\Users\Petr\Desktop\PedoMeter_W5.exe
C:\Windows\system32\tasks\{C3D80990-8734-4EE1-B93D-891CB738446D} - C:\Windows\system32\pcalua.exe -a "C:\Users\Petr\Desktop\MapSource 6.13.7\MapInstall.exe" -d "C:\Users\Petr\Desktop\MapSource 6.13.7"
C:\Windows\system32\tasks\{C9A38327-C5B5-479C-AAFF-DAF011E5B11C} - C:\Program Files (x86)\GearWatchDesigner\GearWatchDesigner.exe
C:\Windows\system32\tasks\{D6EE1911-689D-4E53-8A50-F9AB2A0B3582} - C:\Program Files\MyTourbook\mytourbook.exe
C:\Windows\system32\tasks\{E06B7B61-932A-4B8F-942B-8DD20B16E9C2} - C:\Windows\system32\pcalua.exe -a C:\MapSource_6154.exe -d C:\
C:\Windows\system32\tasks\{E8E633D5-8A5A-4944-B182-9E40719BA229} - G:\DTLplus_Launcher.exe
C:\Windows\system32\tasks\{ED333A30-48A9-446F-8303-460C90EAA1FF} - C:\Windows\system32\pcalua.exe -a "D:\From P4\VoloVEm.exe" -d "D:\From P4"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2931756652-2467188594-2397017789-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapbdbdomjkkjkaonfhkkikfgjllcleb 1 Překladač Google 2.0.7
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension ahjaciijnoiaklcomgnblndopackapon 1 Identity API Scope Approval UI 1.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfogiafebfohielmmehodmfbbebbbpei 0 Keeper® Password Manager & Digital Vault 12.0.1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.3
Extension ehebfpjkmkfjlfffcmnejglggpmpgclb
Extension ekkomjfglgnfeeachhdckcbgjhfiahco 0
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension epejdmjgfibjaffbmojllapapjejipkh 1 Samsung Internet 2.2.9
Extension gbchcmhmhahfdphkhkmpfmihenigjmpp 0 Vzdálená plocha Chrome 63.0.3239.17
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gheikhdfflhlbemfmhcfpeblehemeklp 0 Planetarium 1.1.3
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.30.1
Extension gmbmikajjgmnabiglmofipeabaddhgne 1 Uložit na Disk Google 2.1.1
Extension gnanofkheadcljeljcdajphiajpomcmd 0 TypeRacer 3.1
Extension gnlacfdajilfdkeppfmeongfefcpnaie 0 Socio 1.0.1
Extension hjaooagfdhdhmbfchnkhggjmacjlacla 0 Tabs to the front! 0.2.4
Extension hmjkmjkepdijhoojdojkdfohbdgmmhki 1 Google Keep – poznámky a seznamy 3.1.18224.1199
Extension ignfpjbikbaamkhplcbcocphokmcgjcg
Extension jpcmhcelnjdmblfmjabdeclccemkghjk 1 View image 2
Extension kaafoaobjaplofpihlhbcbcjhmgnjplf 0 Sticky Password Autofill Engine 3.0.0.669
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension lbfehkoinhhcknnbdgnnmjhiladcgbol 1 Evernote Web 1.0.8
Extension ljphpjlafmmdmegmfbkacafhbegjfkkn 1 Top Eleven 2.0.0.5
Extension lneaknkopdijkpnocmklfnjbeapigfbh 1 Mapy Google 5.4.1
Extension loopacbjaigjkjdhjfkhebdhfgdmgjdc 1 Day by Day 1.8.5
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.8
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6718.423.0.0
Homepage: http://www.google.cz/
default_search_provider.search_url:
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-20 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-20 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25 187968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmdS.exe /launch /hide []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2018-06-06 1588568]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09 1183256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 10]
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu]
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2018-06-06 1588568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySELECT.exe]
C:\Program Files\Common Files\Bentley Shared\CONNECTION client\Bentley.Connect.Client.exe [2016-02-05 493016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSUAMain]
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SideSync]
C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [2017-05-29 12471968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
C:\Program Files\Software Informer\softinfo.exe [2015-06-26 1634304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2017-03-23 3019552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword]
C:\Program Files (x86)\Sticky Password\stpass.exe [2016-10-10 64000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HandyAndy.lnk]
C:\Program Files\Andy\HandyAndy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk]
C:\Windows\Installer\{401FADAA-1C16-4721-9F02-19067E1A1CA8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe [2015-10-23 72040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 9.0 SE.lnk]
C:\PROGRA~2\COMMON~1\PANASO~1\PHOTOF~1\AUTOST~1.EXE -e C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 9.0 SE\PHOTOfunSTUDIO.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
D:\Programy\WZQKPICK.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FacebookGamesNotifier.exe.lnk]
C:\Users\Petr\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk]
C:\PROGRA~2\PASSWO~1\pwsafe.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
D:\Office14\ONENOTEM.EXE [2015-10-13 228552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-04-09 270336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Windows\System32\schtasks.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoThumbnailCache"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutorun"=158
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux5"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1

====== List of files/folders created in the last 1 month ======

2018-06-10 17:42:11 ----D---- C:\_OTM
2018-06-07 20:26:21 ----D---- C:\Program Files\trend micro
2018-06-07 20:26:20 ----D---- C:\rsit
2018-06-03 22:09:01 ----SHD---- C:\$RECYCLE.BIN
2018-06-03 22:00:50 ----SD---- C:\Uninstal
2018-06-03 13:26:44 ----A---- C:\Windows\system32\mshtml.dll
2018-06-03 13:26:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-06-03 13:26:43 ----A---- C:\Windows\system32\ieframe.dll
2018-06-03 13:26:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-06-03 13:26:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-06-03 13:26:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-06-03 13:26:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-06-03 13:26:42 ----A---- C:\Windows\system32\wininet.dll
2018-06-03 13:26:42 ----A---- C:\Windows\system32\win32k.sys
2018-06-03 13:26:42 ----A---- C:\Windows\system32\jscript9.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-06-03 13:26:41 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\wudriver.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\wucltux.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\wuaueng.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\winload.exe
2018-06-03 13:26:41 ----A---- C:\Windows\system32\vbscript.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\urlmon.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\TSpkg.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\srvsvc.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\rpcss.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\oleaut32.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-06-03 13:26:41 ----A---- C:\Windows\system32\msfeeds.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\jscript.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\iertutil.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-06-03 13:26:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-06-03 13:26:41 ----A---- C:\Windows\system32\drivers\srv.sys
2018-06-03 13:26:41 ----A---- C:\Windows\system32\comsvcs.dll
2018-06-03 13:26:41 ----A---- C:\Windows\system32\clfs.sys
2018-06-03 13:26:41 ----A---- C:\Windows\system32\catsrvut.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\itss.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\itircl.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\hhsetup.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\hh.exe
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-06-03 13:26:40 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\wups2.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\wups.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\webcheck.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\ole32.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\ntdll.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-03 13:26:40 ----A---- C:\Windows\system32\msrating.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\mshtmled.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\jscript9diag.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\itss.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\itircl.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\ieui.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\iesetup.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\iedkcs32.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\ie4uinit.exe
2018-06-03 13:26:40 ----A---- C:\Windows\system32\hhsetup.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\hal.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\dxtrans.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\dxtmsft.dll
2018-06-03 13:26:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-06-03 13:26:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-06-03 13:26:40 ----A---- C:\Windows\system32\certcli.dll
2018-06-03 13:26:40 ----A---- C:\Windows\hh.exe
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-03 13:26:39 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\wups.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\sscore.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-06-03 13:26:39 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wuwebv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wuauclt.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wuapp.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wuapi.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wow64win.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wow64cpu.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wow64.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\winsrv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\WinSetupUI.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\wdigest.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\sspisrv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\sspicli.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\sscore.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\srcore.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\srclient.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\smss.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\schannel.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\secur32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\rstrui.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\rpchttp.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\rpcrt4.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\oleres.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\occache.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ntvdm64.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ncrypt.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\msv1_0.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\lsass.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\lsasrv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\KernelBase.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\kernel32.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\kerberos.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\jsproxy.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\inseng.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieUnatt.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\iernonce.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\ieapfltr.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\drivers\appid.sys
2018-06-03 13:26:39 ----A---- C:\Windows\system32\csrsrv.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\cryptbase.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\credssp.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\conhost.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\comcat.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\bcrypt.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\auditpol.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\appidsvc.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-06-03 13:26:39 ----A---- C:\Windows\system32\appidapi.dll
2018-06-03 13:26:39 ----A---- C:\Windows\system32\advapi32.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-03 13:26:38 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\user.exe
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-06-03 13:26:38 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\tzres.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\msobjs.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\msaudite.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\apisetschema.dll
2018-06-03 13:26:38 ----A---- C:\Windows\system32\adtschema.dll
2018-06-02 11:55:30 ----D---- C:\Windows\temp
2018-06-02 11:55:29 ----A---- C:\CF.txt
2018-06-02 11:42:48 ----A---- C:\Windows\zip.exe
2018-06-02 11:42:48 ----A---- C:\Windows\SWSC.exe
2018-06-02 11:42:48 ----A---- C:\Windows\SWREG.exe
2018-06-02 11:42:48 ----A---- C:\Windows\sed.exe
2018-06-02 11:42:48 ----A---- C:\Windows\PEV.exe
2018-06-02 11:42:48 ----A---- C:\Windows\NIRCMD.exe
2018-06-02 11:42:48 ----A---- C:\Windows\MBR.exe
2018-06-02 11:42:48 ----A---- C:\Windows\grep.exe
2018-06-02 11:42:38 ----D---- C:\Windows\erdnt
2018-06-02 11:32:53 ----D---- C:\AdwCleaner
2018-06-02 09:01:42 ----D---- C:\ProgramData\MB2Migration
2018-06-02 08:46:37 ----D---- C:\ProgramData\ESET

====== List of files/folders modified in the last 1 month ======

2018-06-10 17:44:22 ----D---- C:\ProgramData\NVIDIA
2018-06-10 17:44:02 ----D---- C:\Windows\system32\config
2018-06-10 17:40:33 ----RD---- C:\Program Files (x86)
2018-06-10 16:36:48 ----D---- C:\Windows\System32
2018-06-10 16:36:48 ----D---- C:\Windows\inf
2018-06-10 16:36:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-06-10 16:30:09 ----D---- C:\Windows\system32\Tasks
2018-06-10 16:26:55 ----RD---- C:\Program Files
2018-06-10 16:26:54 ----D---- C:\Windows\system32\drivers
2018-06-10 16:26:54 ----D---- C:\ProgramData\Malwarebytes
2018-06-08 18:19:41 ----SHD---- C:\System Volume Information
2018-06-06 19:47:29 ----D---- C:\Windows\rescache
2018-06-04 21:58:39 ----D---- C:\ProgramData\CanonIJPLM
2018-06-03 22:10:55 ----SHD---- C:\Windows\Installer
2018-06-03 22:10:55 ----D---- C:\Windows\system32\DriverStore
2018-06-03 22:06:21 ----D---- C:\Windows\winsxs
2018-06-03 22:05:29 ----D---- C:\Windows\SYSWOW64\en-US
2018-06-03 22:05:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-06-03 22:05:29 ----D---- C:\Windows\SysWOW64
2018-06-03 22:05:29 ----D---- C:\Program Files\Internet Explorer
2018-06-03 22:05:29 ----D---- C:\Program Files (x86)\Internet Explorer
2018-06-03 22:05:28 ----D---- C:\Windows\system32\en-US
2018-06-03 22:05:28 ----D---- C:\Windows\system32\drivers\en-US
2018-06-03 22:05:28 ----D---- C:\Windows\system32\cs-CZ
2018-06-03 22:05:28 ----D---- C:\Windows\system32\Boot
2018-06-03 22:05:28 ----D---- C:\Windows\AppPatch
2018-06-03 22:05:28 ----D---- C:\Windows
2018-06-03 13:25:36 ----D---- C:\Windows\system32\catroot2
2018-06-03 01:11:56 ----D---- C:\Users\Petr\AppData\Roaming\MyPhoneExplorer
2018-06-02 11:54:44 ----D---- C:\Windows\Tasks
2018-06-02 11:54:16 ----A---- C:\Windows\system.ini
2018-06-02 11:54:12 ----D---- C:\Windows\system32\drivers\etc
2018-06-02 11:53:54 ----D---- C:\ProgramData
2018-06-02 11:52:32 ----AD---- C:\ProgramData\TEMP
2018-06-02 11:52:23 ----D---- C:\Windows\SYSWOW64\drivers
2018-06-02 11:52:22 ----D---- C:\Program Files (x86)\Common Files
2018-06-02 11:33:32 ----D---- C:\Users\Petr\AppData\Roaming\IObit
2018-06-02 11:33:32 ----D---- C:\ProgramData\IObit
2018-06-02 09:01:47 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-06-02 08:57:09 ----D---- C:\Program Files\CCleaner
2018-05-25 22:52:10 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2018-05-25 19:57:15 ----D---- C:\Program Files (x86)\Opera
2018-05-13 18:45:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-05-13 18:45:18 ----D---- C:\Windows\system32\Macromed
2018-05-13 18:45:17 ----D---- C:\Windows\SYSWOW64\Macromed

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-05-04 107344]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-04-11 645480]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-04-11 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 BfLwf;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bflwfx64.sys [2013-02-13 67888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-10-20 132848]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-05-04 78192]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-05-04 60544]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-10-20 102160]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2015-10-23 27552]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-05-04 50752]
R3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2010-02-04 14376]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-31 450520]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w7x64.sys [2013-03-20 154320]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-03-20 118272]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-11-09 233904]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-12-15 59240]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-01-10 59752]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2016-08-31 30208]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2016-08-24 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2016-08-24 37376]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\abc\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 esihdrv;esihdrv; \??\C:\Users\Petr\AppData\Local\Temp\esihdrv.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GPU-Z;GPU-Z; \??\C:\Users\Petr\AppData\Local\Temp\GPU-Z.sys []
S3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-10-25 14136]
S3 CH341SER_A64;CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [2011-11-04 58368]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-01-10 32104]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-08-13 20992]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys []
S3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys []
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-09 355232]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10 521064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-07-23 937616]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-01-10 462696]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2013-08-08 343040]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-08-25 389896]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-07-23 410952]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe []
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-04-22 116224]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10 521064]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe []
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-04-11 160448]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-03-23 1590560]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-26 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-13 272384]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

[Rudy]

OK. Nastala nějaká změna?

[otomar]

Bohužel, problém instalace ESETu přetrvává opět se na konci přerušila

[Rudy]

Zkuste projet odinstalátorem Esetu PC: https://download.eset.com/com/eset/tool ... taller.exe .

[otomar]

Projeto, ale žádná změna - při instalaci opět hláška, že ESET byl kvůli chybě předčasně ukončen

[Rudy]

Zkuste projít tento návod: https://forum.viry.cz/viewtopic.php?f=60&t=125610 . Je to rada přímo od technika Esetu, sice na starší verzi, obecně by však měla platit.

[otomar]

Super - vyřešeno
Po několika pokusech s uninstallerem a vyčištění registrů od zbytků ESETu a po stáhnutí nejnovější verze ESETu je vše v pořádku. Jen mne zaráží, že z "ničehonic" byl ESET v květnu odinstalován....
Teď je vše v pořádku a ESET beží jak má.
Jak mohu odinstalovat Adwcleaner a OTM?

[Rudy]

To jsem rád. Adw spusťte a v levém roletovém menu klikněte na odinstalovat. OTM rovněž spusťte a klikněte na CleanUp!

[otomar]

Ještě jednou děkuji za ochotu, rád přispěji na provoz