Ntb se občas seká

[curt-xx]

Dobrý den, prosím o kontrolu logu.

Poměrně nivý ntb se mi začal teď občas sekat při načítání wordu či se po startu a najetí do windows zobrazuje jen ukazatel mysi na cerne strance(mohu vselijak pohybovat) a pomuze pouze restart. Nevim, zda se to nemohlo rozhodit nejakou aktualizaci windowsu. Predem moc dekuji


Logfile of random's system information tool 1.16 (written by random/random)
Run by UZIVATEL at 2018-07-03 18:21:15
Microsoft Windows 10 Home
System drive C: has 22 GB (18%) free of 122 GB
Total RAM: 3992 MB (33% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:21:17, on 03.07.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Users\UZIVATEL\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\UZIVATEL_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Nike+ Connect] "C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\UZIVATEL\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OPENVPN-GUI] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ASUS Flip Service - ASUS - C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @oem41.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem25.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: OpenVPNService - - C:\Program Files\OpenVPN\bin\openvpnserv2.exe
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: OpenVPN Legacy Service (OpenVPNServiceLegacy) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 11669 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a94902ac-523c-4804-adb0-cf7ae0dfe635 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-68a0b797-d506-48f4-aa0c-faece897cb08 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a971ad4b-db33-41b4-8bb1-5e0ee7773433 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e90103c6-bfa3-4a26-b2b5-efb22c3bfd72 -LifetimeId:828cadc9-6f1b-4052-accd-aec3302ebefa -DeviceGroupId:
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5d2131dd-3011-41bf-b9f4-18aa153431b1 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-61a04ffc-6025-4d40-bad2-a335074e76a9 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-940804f1-ea46-4f61-9e25-177bd5804eb8 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f97d4b3e-7100-4531-9b84-e43350c1c8d8 -LifetimeId:fc63f958-3496-4d88-bb6e-41cc2d969c17 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SensrSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x3f4
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\SysWOW64\esif_uf.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\ibtsiva.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"c:\program files\openvpn\bin\openvpnserv.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\ASUS\ASUS FlipLock\FlipControlPTP.exe"
"C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\UZIVATEL\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\OpenVPN\bin\openvpn-gui.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9148.0.1583374416\1910135322" -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" "C:\Users\UZIVATEL\AppData\LocalLow\Mozilla\Temp-{e9af16ae-8ef0-4297-b8e3-22a6f959c9e5}" 9148 "\\.\pipe\gecko-crash-server-pipe.9148" 1496 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9148.3.498948646\1611312147" -childID 1 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{e9af16ae-8ef0-4297-b8e3-22a6f959c9e5}| -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 9148 "\\.\pipe\gecko-crash-server-pipe.9148" 2032 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9148.20.1351805739\1803515608" -childID 3 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{e9af16ae-8ef0-4297-b8e3-22a6f959c9e5}| -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 9148 "\\.\pipe\gecko-crash-server-pipe.9148" 3524 tab
"C:\Program Files\ASUS\ASUS FlipLock\WifiPowerManager.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9148.27.2109328925\728835122" -childID 4 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{e9af16ae-8ef0-4297-b8e3-22a6f959c9e5}| -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 9148 "\\.\pipe\gecko-crash-server-pipe.9148" 8212 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="9148.34.1578473614\1957503015" -childID 5 -isForBrowser -boolPrefs 299:0| -stringPrefs 285:38;{e9af16ae-8ef0-4297-b8e3-22a6f959c9e5}| -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 9148 "\\.\pipe\gecko-crash-server-pipe.9148" 7812 tab
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\DataExchangeHost.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\system32\wermgr.exe -upload
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 752 756 764 8192 760
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\UZIVATEL\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe -check plugin
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\tasks\ASUS USB Charger Plus - "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\tasks\ATK Package 36D18D69AFC3 - "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" -CancelShutdown
C:\WINDOWS\system32\tasks\ATK Package A22126881260 - "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"
C:\WINDOWS\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CheckFlipService - "C:\Program Files\ASUS\ASUS FlipLock\CheckFlipService.exe"
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-3478384942-2814482159-1948803514-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\HeadsetButtonPress - %windir%\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Setup\Notifier - %windir%\system32\Notifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\HelloFace\FODCleanupTask - %WinDir%\System32\WinBioPlugIns\FaceFodUninstaller.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\DirectX\DXGIAdapterCache - %windir%\system32\dxgiadaptercache.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates 2.0 - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeOsfInstaller - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload

=========Mozilla firefox=========

ProfilePath - C:\Users\UZIVATEL\AppData\Roaming\Mozilla\Firefox\Profiles\0j4gj9kz.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\UZIVATEL\AppData\Roaming\Mozilla\Firefox\Profiles\0j4gj9kz.default\addons.json

C:\Users\UZIVATEL\AppData\Roaming\Mozilla\Firefox\Profiles\0j4gj9kz.default\extensions.json
Activity Stream - extension - activity-stream@mozilla.org -
Application Update Service Helper - extension - aushelper@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Form Autofill - extension - formautofill@mozilla.org -
Photon onboarding - extension - onboarding@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Web Compat - extension - webcompat@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -
TLS 1.3 gradual roll-out fallback-limit - extension - tls13-version-fallback-rollout-bug1462099@mozilla.org -

C:\Users\UZIVATEL\AppData\Roaming\Mozilla\Firefox\Profiles\0j4gj9kz.default\pluginreg.dat
Plugin - Shockwave Flash - 30.0.0.113 - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll

=========Google Chrome=========

C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.8
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6718.423.0.0
Homepage:
default_search_provider.search_url:
C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-29 202424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-29 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-12 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-12 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2018-04-19 178496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\UZIVATEL\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-06-22 1628840]
"OPENVPN-GUI"=C:\Program Files\OpenVPN\bin\openvpn-gui.exe [2017-09-26 643200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-05-24 18364648]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nike+ Connect"=C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [2015-10-10 71680]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2116-02-17 01:17:24 ----D---- C:\WINDOWS\SoftwareDistribution
2116-02-17 01:15:34 ----SHD---- C:\ProgramData\Šablony
2116-02-17 01:15:34 ----SHD---- C:\ProgramData\Plocha
2116-02-17 01:15:34 ----SHD---- C:\ProgramData\Nabídka Start
2116-02-17 01:15:34 ----SHD---- C:\ProgramData\Dokumenty
2116-02-17 01:15:34 ----SHD---- C:\ProgramData\Data aplikací
2116-02-17 01:15:34 ----SHD---- C:\Documents and Settings
2116-02-17 01:14:19 ----HD---- C:\Program Files\Uninstall Information
2116-02-17 01:14:00 ----SHD---- C:\System Volume Information
2018-07-03 18:19:31 ----D---- C:\rsit
2018-07-03 18:19:31 ----D---- C:\Program Files\trend micro
2018-06-13 15:00:07 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-06-13 15:00:06 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-06-13 15:00:06 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-06-13 15:00:05 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-06-13 15:00:05 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-06-13 15:00:05 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-06-13 15:00:05 ----A---- C:\WINDOWS\system32\cdp.dll
2018-06-13 15:00:04 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-06-13 15:00:04 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-13 15:00:03 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-06-13 15:00:03 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-13 15:00:03 ----A---- C:\WINDOWS\system32\tquery.dll
2018-06-13 15:00:03 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-06-13 15:00:03 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-06-13 15:00:03 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-06-13 15:00:02 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-06-13 15:00:02 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-06-13 15:00:02 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-06-13 15:00:02 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-06-13 15:00:01 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-06-13 15:00:01 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-06-13 15:00:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-06-13 15:00:00 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-06-13 15:00:00 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-06-13 15:00:00 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-06-13 14:59:59 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-06-13 14:59:59 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-06-13 14:59:59 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2018-06-13 14:59:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-13 14:59:59 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-13 14:59:58 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-06-13 14:59:58 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-06-13 14:59:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-06-13 14:59:56 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-06-13 14:59:56 ----A---- C:\WINDOWS\system32\msi.dll
2018-06-13 14:59:55 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-06-13 14:59:55 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-06-13 14:59:55 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-06-13 14:59:54 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-06-13 14:59:54 ----A---- C:\WINDOWS\system32\jscript.dll
2018-06-13 14:59:53 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-06-13 14:59:53 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-06-13 14:59:53 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-06-13 14:59:52 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-13 14:59:52 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-06-13 14:59:52 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-13 14:59:51 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-06-13 14:59:51 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-13 14:59:51 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-06-13 14:59:51 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-13 14:59:50 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 14:59:50 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-06-13 14:59:50 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-06-13 14:59:50 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-06-13 14:59:49 ----A---- C:\WINDOWS\system32\wininet.dll
2018-06-13 14:59:49 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-06-13 14:59:49 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-06-13 14:59:48 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-13 14:59:48 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-06-13 14:59:48 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 14:59:44 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-06-13 14:59:43 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 14:59:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 14:59:42 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-06-13 14:59:42 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-06-13 14:59:41 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-06-13 14:59:40 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-06-13 14:59:39 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-06-13 14:59:38 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-13 14:59:37 ----A---- C:\WINDOWS\system32\shell32.dll
2018-06-13 14:59:36 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-06-13 14:59:36 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-06-13 14:59:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2018-06-13 14:59:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2018-06-13 14:59:35 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-13 14:59:35 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-06-13 14:59:35 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-13 14:59:35 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-13 14:59:34 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-13 14:59:34 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-06-13 14:59:24 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-13 14:59:21 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-06-13 14:59:19 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-06-13 14:59:19 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-06-13 14:59:18 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-06-13 14:59:18 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-06-13 14:59:18 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-06-13 14:59:17 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-06-13 14:59:17 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-06-13 14:59:17 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-13 14:59:17 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-13 14:59:17 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-13 14:59:17 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-06-13 14:59:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-06-13 14:59:16 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2adec.dll
2018-06-13 14:59:16 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-13 14:59:16 ----A---- C:\WINDOWS\system32\winload.exe
2018-06-13 14:59:16 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-13 14:59:16 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-06-13 14:59:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 14:59:15 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2018-06-13 14:59:14 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-06-13 14:59:14 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-06-13 14:59:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-13 14:59:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-13 14:59:14 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2018-06-13 14:59:13 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-06-13 14:59:13 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-06-13 14:59:13 ----A---- C:\WINDOWS\system32\combase.dll
2018-06-13 14:59:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-06-13 14:59:11 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2018-06-13 14:59:11 ----A---- C:\WINDOWS\system32\OpcServices.dll
2018-06-13 14:59:11 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-06-13 14:59:11 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-06-13 14:59:10 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2018-06-13 14:59:10 ----A---- C:\WINDOWS\system32\wpnapps.dll
2018-06-13 14:59:10 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2018-06-13 14:59:10 ----A---- C:\WINDOWS\system32\CoreShell.dll
2018-06-13 14:59:10 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-06-13 14:59:09 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2018-06-13 14:59:09 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2018-06-13 14:59:09 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-13 14:59:09 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-06-13 14:59:08 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-13 14:59:08 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-06-13 14:59:07 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-06-13 14:59:07 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-13 14:59:07 ----A---- C:\WINDOWS\system32\uDWM.dll
2018-06-13 14:59:07 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-06-13 14:59:07 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-13 14:59:07 ----A---- C:\WINDOWS\system32\d2d1.dll
2018-06-13 14:59:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-06-13 14:59:05 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2018-06-13 14:59:05 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-06-13 14:59:05 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-06-13 14:59:05 ----A---- C:\WINDOWS\system32\d3d9.dll
2018-06-13 14:59:04 ----A---- C:\WINDOWS\SYSWOW64\MSAudDecMFT.dll
2018-06-13 14:59:04 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-06-13 14:59:04 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-06-13 14:59:04 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-13 14:59:04 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-06-13 14:59:03 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-06-13 14:59:03 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2018-06-13 14:59:02 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2018-06-13 14:59:02 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-13 14:59:01 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-06-13 14:59:01 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-06-13 14:59:01 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-06-13 14:59:01 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-13 14:59:01 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-13 14:59:00 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2018-06-13 14:59:00 ----A---- C:\WINDOWS\system32\usocore.dll
2018-06-13 14:59:00 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-06-13 14:59:00 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2018-06-13 14:59:00 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-06-13 14:59:00 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2018-06-13 14:59:00 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-06-13 14:58:59 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2018-06-13 14:58:59 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2018-06-13 14:58:59 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-13 14:58:59 ----A---- C:\WINDOWS\system32\mf.dll
2018-06-13 14:58:59 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-06-13 14:58:59 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-13 14:58:59 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-06-13 14:58:58 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2018-06-13 14:58:58 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-06-13 14:58:58 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-06-13 14:58:58 ----A---- C:\WINDOWS\system32\msftedit.dll
2018-06-13 14:58:57 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2018-06-13 14:58:57 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2018-06-13 14:58:57 ----A---- C:\WINDOWS\system32\ISM.dll
2018-06-13 14:58:57 ----A---- C:\WINDOWS\system32\dxgi.dll
2018-06-13 14:58:57 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-13 14:58:57 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-06-13 14:58:57 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\system32\propsys.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\system32\mfsvr.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-13 14:58:56 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-06-13 14:58:55 ----A---- C:\WINDOWS\SYSWOW64\WMVCORE.DLL
2018-06-13 14:58:55 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2018-06-13 14:58:55 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-06-13 14:58:55 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-06-13 14:58:55 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-13 14:58:55 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-13 14:58:55 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-06-13 14:58:54 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2018-06-13 14:58:54 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-06-13 14:58:54 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2018-06-13 14:58:54 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-13 14:58:54 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-06-13 14:58:54 ----A---- C:\WINDOWS\system32\dui70.dll
2018-06-13 14:58:54 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2018-06-13 14:58:53 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-06-13 14:58:53 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-06-13 14:58:53 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-13 14:58:53 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-06-13 14:58:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2018-06-13 14:58:52 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2018-06-13 14:58:52 ----A---- C:\WINDOWS\system32\WinTypes.dll
2018-06-13 14:58:52 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-13 14:58:52 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-13 14:58:52 ----A---- C:\WINDOWS\system32\mfds.dll
2018-06-13 14:58:52 ----A---- C:\WINDOWS\system32\esent.dll
2018-06-13 14:58:52 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2018-06-13 14:58:51 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2018-06-13 14:58:51 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-06-13 14:58:51 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2018-06-13 14:58:51 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2018-06-13 14:58:51 ----A---- C:\WINDOWS\system32\winresume.exe
2018-06-13 14:58:51 ----A---- C:\WINDOWS\system32\webservices.dll
2018-06-13 14:58:51 ----A---- C:\WINDOWS\system32\SHCore.dll
2018-06-13 14:58:51 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2018-06-13 14:58:51 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-06-13 14:58:51 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-13 14:58:51 ----A---- C:\WINDOWS\system32\ci.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\system32\ReAgent.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\system32\CPFilters.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-06-13 14:58:50 ----A---- C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-13 14:58:49 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\SYSWOW64\dui70.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\wevtutil.exe
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\msdtctm.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\credprovs.dll
2018-06-13 14:58:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-06-13 14:58:48 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2018-06-13 14:58:48 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-06-13 14:58:48 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-06-13 14:58:48 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2018-06-13 14:58:48 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-06-13 14:58:48 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-13 14:58:48 ----A---- C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-13 14:58:48 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2018-06-13 14:58:48 ----A---- C:\WINDOWS\system32\DXP.dll
2018-06-13 14:58:48 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-06-13 14:58:47 ----RSH---- C:\WINDOWS\fonts\StaticCache.dat
2018-06-13 14:58:46 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2018-06-13 14:58:46 ----A---- C:\WINDOWS\system32\rasplap.dll
2018-06-13 14:58:46 ----A---- C:\WINDOWS\system32\FrameServer.dll
2018-06-13 14:58:46 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-06-13 14:58:46 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-06-13 14:58:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2018-06-13 14:58:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-06-13 14:58:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2018-06-13 14:58:45 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-06-13 14:58:45 ----A---- C:\WINDOWS\SYSWOW64\LanguageOverlayUtil.dll
2018-06-13 14:58:45 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2018-06-13 14:58:45 ----A---- C:\WINDOWS\system32\skci.dll
2018-06-13 14:58:45 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-06-13 14:58:45 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\system32\mfps.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\system32\kernel.appcore.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-13 14:58:44 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-06-13 14:58:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 14:58:43 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-06-13 14:58:43 ----A---- C:\WINDOWS\SYSWOW64\kernel.appcore.dll
2018-06-13 14:58:43 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 14:58:43 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-06-13 14:58:43 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-06-13 14:58:42 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2018-06-13 14:58:42 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-13 14:58:42 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 14:58:42 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-06-13 14:58:42 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-13 14:58:42 ----A---- C:\WINDOWS\system32\GenValObj.exe
2018-06-13 14:58:42 ----A---- C:\WINDOWS\system32\drivers\uefi.sys
2018-06-13 14:58:42 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2018-06-13 14:58:42 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-06-13 14:58:41 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2018-06-13 14:58:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-06-13 14:58:41 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2018-06-13 14:58:41 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-06-13 14:58:41 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-06-13 14:58:41 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2018-06-13 14:58:41 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-13 14:58:41 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2018-06-13 14:58:41 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2018-06-13 14:58:41 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-06-13 14:58:40 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2018-06-13 14:58:40 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2018-06-13 14:58:40 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2018-06-13 14:58:40 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2018-06-13 14:58:40 ----A---- C:\WINDOWS\system32\rmclient.dll
2018-06-13 14:58:40 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-06-13 14:58:40 ----A---- C:\WINDOWS\system32\mstsc.exe
2018-06-13 14:58:40 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-06-13 14:58:40 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2018-06-13 14:58:40 ----A---- C:\WINDOWS\system32\ClipUp.exe
2018-06-13 14:58:40 ----A---- C:\WINDOWS\system32\bcrypt.dll
2018-06-13 14:58:39 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2018-06-13 14:58:39 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-06-13 14:58:39 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-06-13 14:58:39 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-13 14:58:39 ----A---- C:\WINDOWS\system32\FSClient.dll
2018-06-13 14:58:39 ----A---- C:\WINDOWS\system32\drivers\Ucx01000.sys
2018-06-13 14:58:39 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-06-13 14:58:39 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-06-13 14:58:39 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-06-13 14:58:39 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\system32\rasdlg.dll
2018-06-13 14:58:38 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-13 14:58:38 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-06-13 14:58:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 14:58:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 14:58:37 ----A---- C:\WINDOWS\SYSWOW64\wevtutil.exe
2018-06-13 14:58:37 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-06-13 14:58:37 ----A---- C:\WINDOWS\SYSWOW64\MSMPEG2ENC.DLL
2018-06-13 14:58:37 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 14:58:37 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-06-13 14:58:37 ----A---- C:\WINDOWS\system32\easwrt.dll
2018-06-13 14:58:37 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2018-06-13 14:58:37 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-06-13 14:58:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2018-06-13 14:58:36 ----A---- C:\WINDOWS\SYSWOW64\rasplap.dll
2018-06-13 14:58:36 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-06-13 14:58:36 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-06-13 14:58:36 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2018-06-13 14:58:36 ----A---- C:\WINDOWS\SYSWOW64\MSAC3ENC.DLL
2018-06-13 14:58:36 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-13 14:58:36 ----A---- C:\WINDOWS\system32\sppcext.dll
2018-06-13 14:58:36 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-13 14:58:36 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2018-06-13 14:58:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 14:58:35 ----A---- C:\WINDOWS\SYSWOW64\srms-apr.dat
2018-06-13 14:58:35 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2018-06-13 14:58:35 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-06-13 14:58:35 ----A---- C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-13 14:58:35 ----A---- C:\WINDOWS\system32\TDLMigration.dll
2018-06-13 14:58:35 ----A---- C:\WINDOWS\system32\srms-apr.dat
2018-06-13 14:58:35 ----A---- C:\WINDOWS\system32\MDEServer.exe
2018-06-13 14:58:35 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-06-13 14:58:34 ----A---- C:\WINDOWS\SYSWOW64\msdt.exe
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\usoapi.dll
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\msdt.exe
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\dssvc.dll
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-13 14:58:34 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-06-13 14:58:33 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\SYSWOW64\MSHEIF.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\tbauth.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\SIHClient.exe
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\MSHEIF.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\GamePanel.exe
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\edpnotify.exe
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-06-13 14:58:33 ----A---- C:\WINDOWS\system32\aadtb.dll
2018-06-13 14:58:32 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2018-06-13 14:58:32 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2018-06-13 14:58:32 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2018-06-13 14:58:32 ----A---- C:\WINDOWS\SYSWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-13 14:58:32 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2018-06-13 14:58:32 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2018-06-13 14:58:32 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-13 14:58:32 ----A---- C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-13 14:58:31 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-06-13 14:58:31 ----A---- C:\WINDOWS\SYSWOW64\HoloShellRuntime.dll
2018-06-13 14:58:31 ----A---- C:\WINDOWS\system32\tzres.dll
2018-06-06 22:38:39 ----D---- C:\ProgramData\ESET

====== List of files/folders modified in the last 1 month ======

2018-07-03 18:21:16 ----D---- C:\WINDOWS\Temp
2018-07-03 18:21:00 ----D---- C:\WINDOWS\system32\sru
2018-07-03 18:19:54 ----D---- C:\WINDOWS\Prefetch
2018-07-03 18:19:31 ----RD---- C:\Program Files
2018-07-03 18:19:12 ----D---- C:\Windows
2018-07-03 18:16:27 ----D---- C:\Users\UZIVATEL\AppData\Roaming\vlc
2018-07-03 18:06:50 ----D---- C:\WINDOWS\AppReadiness
2018-07-03 18:06:44 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-07-03 17:27:17 ----D---- C:\WINDOWS\System32
2018-07-03 17:27:17 ----D---- C:\WINDOWS\INF
2018-07-03 17:27:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-03 17:21:28 ----HD---- C:\Program Files\WindowsApps
2018-07-03 13:13:48 ----D---- C:\WINDOWS\system32\SleepStudy
2018-07-03 12:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2018-07-03 10:24:54 ----D---- C:\WINDOWS\Logs
2018-07-03 10:24:32 ----RD---- C:\WINDOWS\Microsoft.NET
2018-06-29 22:15:19 ----SHDC---- C:\WINDOWS\Installer
2018-06-29 22:15:19 ----SHD---- C:\Config.Msi
2018-06-29 22:15:00 ----D---- C:\Program Files (x86)\Common Files
2018-06-29 22:13:08 ----AD---- C:\Program Files (x86)\Microsoft Office
2018-06-27 19:18:45 ----D---- C:\WINDOWS\LiveKernelReports
2018-06-27 10:29:43 ----D---- C:\WINDOWS\system32\config
2018-06-26 10:18:08 ----D---- C:\WINDOWS\system32\drivers\wd
2018-06-24 13:39:02 ----D---- C:\WINDOWS\system32\drivers
2018-06-22 20:46:49 ----D---- C:\WINDOWS\system32\Tasks
2018-06-21 10:53:11 ----D---- C:\WINDOWS\system32\WDI
2018-06-19 15:50:02 ----D---- C:\WINDOWS\system32\DriverStore
2018-06-19 15:50:01 ----D---- C:\WINDOWS\WinSxS
2018-06-18 17:21:08 ----D---- C:\WINDOWS\debug
2018-06-18 15:02:56 ----D---- C:\WINDOWS\system32\Macromed
2018-06-18 15:02:54 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-06-15 10:03:24 ----RD---- C:\WINDOWS\assembly
2018-06-14 16:32:18 ----D---- C:\WINDOWS\system32\catroot2
2018-06-13 18:56:58 ----D---- C:\WINDOWS\TextInput
2018-06-13 18:56:58 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-06-13 18:56:58 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-06-13 18:56:58 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-06-13 18:56:58 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\setup
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\oobe
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-06-13 18:56:57 ----D---- C:\WINDOWS\SysWOW64
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\zu-ZA
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\yo-NG
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\xh-ZA
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\wo-SN
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\tn-ZA
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\ti-ET
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\setup
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\rw-RW
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\oobe
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\nso-ZA
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\ig-NG
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\en-US
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\Dism
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\cs-CZ
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\Boot
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-06-13 18:56:56 ----D---- C:\WINDOWS\system32\appraiser
2018-06-13 18:56:55 ----D---- C:\WINDOWS\ShellExperiences
2018-06-13 18:56:54 ----RSD---- C:\WINDOWS\Fonts
2018-06-13 18:56:54 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-06-13 18:56:54 ----D---- C:\WINDOWS\bcastdvr
2018-06-13 18:56:54 ----D---- C:\WINDOWS\apppatch
2018-06-13 18:56:54 ----D---- C:\Program Files\Windows Photo Viewer
2018-06-13 18:56:54 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-06-13 15:05:12 ----D---- C:\WINDOWS\system32\MRT
2018-06-13 15:03:42 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 15:03:34 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-06-13 15:03:29 ----D---- C:\WINDOWS\CbsTemp
2018-06-09 16:52:54 ----D---- C:\Program Files\Mozilla Firefox
2018-06-09 16:52:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-08 12:13:10 ----AD---- C:\Program Files\KMSpico
2018-06-06 22:48:37 ----RD---- C:\Program Files\Windows Defender
2018-06-06 22:38:51 ----HD---- C:\WINDOWS\ELAMBKUP
2018-06-06 22:38:39 ----HD---- C:\ProgramData
2018-06-06 22:38:39 ----D---- C:\Program Files\ESET
2018-06-06 22:38:36 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-06-06 01:29:25 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2018-04-12 110432]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-10-02 1463808]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2018-04-12 137928]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2018-04-12 196112]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2018-04-12 82816]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2018-04-12 108320]
R1 MpKslaf96b160;MpKslaf96b160; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B76C204-41B3-4FB4-ADF3-6C7784DC5BC8}\MpKslaf96b160.sys [2018-07-03 58120]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-04-12 414208]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2018-04-12 50136]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R3 AsusPTPDrv;@oem36.inf,%AsusPTP.SvcDesc%;ASUS Touch Service; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [2016-03-31 94712]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-04-12 106496]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 CnxtHdAudService;@oem42.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2016-05-09 1559688]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2015-09-17 57304]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2015-09-17 52200]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2015-09-17 260072]
R3 HID_PCI;@oem18.inf,%HID_PCI%;HID PCI Minidriver for ISS; C:\WINDOWS\System32\drivers\HID_PCI.sys [2015-11-04 47928]
R3 HIDSwitch;@oem24.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-08-20 27872]
R3 ibtusb;@oem25.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-10-15 732416]
R3 ISH;@oem31.inf,%TEE_SvcDesc%;Intel(R) Integrated Sensor Solution ; C:\WINDOWS\System32\drivers\ISH.sys [2015-11-04 135992]
R3 ISH_BusDriver;@oem29.inf,%ISH_BusDriver.SVCDESC%; ISS Bus Enumerator; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [2015-11-09 71992]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2018-04-12 7689728]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 SensorsHIDClassDriver;@SensorsHidClassDriver.inf,%WudfSensorsHIDClassDriverDisplayName%;UMDF Reflector service for Sensors HID Class Driver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-04-12 264192]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2018-04-12 15872]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-04-12 128416]
S1 EpfwLWF;@oem37.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2014-09-22 44632]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 AmUStor;@oem34.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2015-09-15 92312]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2018-04-12 1069056]
S3 dg_ssudbus;@oem8.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-04-12 73632]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2018-04-12 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-04-12 197632]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2018-06-08 1921952]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-12-14 126616]
R2 ASUS Flip Service;ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [2015-11-18 14776]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 CDPUserSvc_2cd5e;CDPUserSvc_2cd5e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-06-20 8765104]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-04-19 2240264]
R2 esifsvc;@oem41.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2015-09-17 1392792]
R2 ibtsiva;@oem25.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 OneSyncSvc_2cd5e;OneSyncSvc_2cd5e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 OpenVPNServiceInteractive;OpenVPN Interactive Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2017-09-26 73856]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-04-12 761440]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\BTAGService.dll
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\BthAvctpSvc.dll
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-26 43648]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
R3 PimIndexMaintenanceSvc_2cd5e;PimIndexMaintenanceSvc_2cd5e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; %SystemRoot%\system32\svchost.exe -k BcastDVRUserService;"ServiceDll" = %SystemRoot%\System32\BcastDVRUserService.dll
S3 BcastDVRUserService_2cd5e;BcastDVRUserService_2cd5e; C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService;"ServiceDll" =
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; %SystemRoot%\system32\svchost.exe -k BthAppGroup;"ServiceDll" = %SystemRoot%\System32\Microsoft.Bluetooth.UserService.dll
S3 BluetoothUserService_2cd5e;BluetoothUserService_2cd5e; C:\WINDOWS\system32\svchost.exe -k BthAppGroup;"ServiceDll" =
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
S3 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe [2016-11-30 480224]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\Windows.Devices.Picker.dll
S3 DevicePickerUserSvc_2cd5e;DevicePickerUserSvc_2cd5e; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_2cd5e;DevicesFlowUserSvc_2cd5e; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-04-19 2240264]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\LanguageOverlayServer.dll
S3 MessagingService_2cd5e;MessagingService_2cd5e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-06-07 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 OpenVPNService;OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [2016-11-25 15872]
S3 OpenVPNServiceLegacy;OpenVPN Legacy Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2017-09-26 73856]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-20 212152]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_2cd5e;PrintWorkflowUserSvc_2cd5e; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[curt-xx]

Dekuji za radu, nize prikladam log. Jen doplnim, ze dnes se mi notebook zase nacetl do windows s cernou obrazovkou, kdy na ni normalne je kursor a vse jinak funguje a zaroven se mi 5x sekl pri obycejnem nacitani wordu. - po tomto zaseku uz vetsinou word nepustim vubec a musim restartovat, vse osttani ale funguje. Zadny jiny problem s ntb neeviduji.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build: 07-04-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-04-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1242 octets] - [04/07/2018 19:33:25]
AdwCleaner[S01].txt - [1303 octets] - [04/07/2018 19:36:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

[Rudy]

Toto je OK. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .

[curt-xx]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by UZIVATEL (administrator) on DESKTOP-PD6FU82 (04-07-2018 20:30:39)
Running from C:\Users\UZIVATEL\Desktop
Loaded Profiles: UZIVATEL (Available Profiles: defaultuser0 & UZIVATEL)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ASUS) C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipControlPTP.exe
() C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\ASUS\ASUS FlipLock\WifiPowerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-19] (ESET)
HKLM-x32\...\Run: [Nike+ Connect] => C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2015-10-10] (Nike)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3478384942-2814482159-1948803514-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [643200 2017-09-26] ()
HKU\S-1-5-21-3478384942-2814482159-1948803514-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
HKU\S-1-5-21-3478384942-2814482159-1948803514-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{0447a0fc-86a4-4480-a3de-7f5d19f17b39}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-12] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0j4gj9kz.default
FF ProfilePath: C:\Users\UZIVATEL\AppData\Roaming\Mozilla\Firefox\Profiles\0j4gj9kz.default [2018-07-04]
FF Homepage: Mozilla\Firefox\Profiles\0j4gj9kz.default -> hxxps://www.seznam.cz/
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-04] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-18] ()
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default [2018-07-04]
CHR Extension: (Prezentace) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-19]
CHR Extension: (YouTube) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-19]
CHR Extension: (Tabulky) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-19]
CHR Extension: (Chrome Media Router) - C:\Users\UZIVATEL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ASUS Flip Service; C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe [14776 2015-11-18] (ASUS)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-06-20] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET)
S3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-09-17] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-10-15] (Intel Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [94712 2016-03-31] (ASUS Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [57304 2015-09-17] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-09-17] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [110432 2018-04-12] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-04-12] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50136 2018-04-12] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82816 2018-04-12] (ESET)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2014-09-22] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-09-17] (Intel Corporation)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [47928 2015-11-04] (Intel)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [732416 2016-10-15] (Intel Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [135992 2015-11-04] (Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [71992 2015-11-09] (Intel)
R1 MpKsl3e8715d9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4133B3C8-4185-4A60-96AF-B150E45B7509}\MpKsl3e8715d9.sys [58120 2018-07-04] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Šablony
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Poslední
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Okolní síť
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Dokumenty
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\Data aplikací
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\ProgramData\Šablony
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\ProgramData\Plocha
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\ProgramData\Dokumenty
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\ProgramData\Data aplikací
2099-02-17 01:15 - 2116-02-17 01:15 - 000000000 _SHDL C:\Documents and Settings
2018-07-04 20:30 - 2018-07-04 20:30 - 000015290 _____ C:\Users\UZIVATEL\Desktop\FRST.txt
2018-07-04 20:28 - 2018-07-04 20:30 - 000000000 ____D C:\FRST
2018-07-04 20:27 - 2018-07-04 20:27 - 002412544 _____ (Farbar) C:\Users\UZIVATEL\Downloads\FRST64 (1).exe
2018-07-04 20:13 - 2018-07-04 20:17 - 002412544 _____ (Farbar) C:\Users\UZIVATEL\Desktop\FRST64.exe
2018-07-04 19:32 - 2018-07-04 19:33 - 000000000 ____D C:\AdwCleaner
2018-07-04 19:31 - 2018-07-04 19:31 - 007402192 _____ (Malwarebytes) C:\Users\UZIVATEL\Desktop\adwcleaner_7.2.1.exe
2018-07-04 14:46 - 2018-07-04 14:46 - 000611815 _____ C:\Users\UZIVATEL\Desktop\doc01479120180704124456.pdf
2018-07-04 14:02 - 2018-07-04 14:03 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Smlouvy o výkonu funkce
2018-07-03 18:19 - 2018-07-03 18:21 - 000000000 ____D C:\Program Files\trend micro
2018-07-03 18:19 - 2018-07-03 18:19 - 000000000 ____D C:\rsit
2018-07-03 18:18 - 2018-07-03 18:18 - 001329152 _____ C:\Users\UZIVATEL\Downloads\RSITx64.exe
2018-07-03 11:14 - 2018-07-03 11:27 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Faktury FACR
2018-07-02 14:02 - 2018-07-03 13:09 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Řády do kabiny 2018
2018-07-02 13:03 - 2018-07-02 14:24 - 000012346 _____ C:\Users\UZIVATEL\Desktop\Posta.xlsx
2018-07-02 11:05 - 2018-07-02 11:05 - 000153454 _____ C:\Users\UZIVATEL\Desktop\Dancák přestup.pdf
2018-07-02 10:52 - 2018-07-04 13:27 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Breda
2018-06-29 22:14 - 2018-06-29 22:14 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-06-29 22:14 - 2018-06-29 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-06-29 14:39 - 2018-06-29 14:39 - 000315904 ____H C:\Users\UZIVATEL\Desktop\~WRL0003.tmp
2018-06-28 11:29 - 2018-07-04 10:10 - 000000000 ____D C:\Users\UZIVATEL\Downloads\serie 2
2018-06-28 10:40 - 2018-06-28 10:52 - 000011795 _____ C:\Users\UZIVATEL\Desktop\Posta -.xlsx
2018-06-27 11:21 - 2018-07-04 14:33 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Příprava léto 2018
2018-06-26 14:01 - 2018-06-26 14:01 - 000207096 _____ C:\Users\UZIVATEL\Desktop\ID.pdf
2018-06-25 15:27 - 2018-06-25 15:53 - 000011999 _____ C:\Users\UZIVATEL\Desktop\Popisy pracovních pozic.xlsx
2018-06-25 14:06 - 2018-06-25 14:07 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Vlada Marketing
2018-06-22 15:20 - 2018-07-03 20:32 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Bobál
2018-06-19 20:49 - 2018-06-19 20:49 - 002283276 _____ C:\Users\UZIVATEL\Desktop\Pozvánka na řádnou VH společnosti FK Dukla Praha a.s..pdf
2018-06-18 20:44 - 2018-06-18 21:28 - 814930968 _____ C:\Users\UZIVATEL\Downloads\01x01.rar
2018-06-18 15:03 - 2018-06-18 15:03 - 000004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-18 15:03 - 2018-06-18 15:03 - 000004496 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-06-18 10:09 - 2018-07-04 10:35 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Chlumecký
2018-06-15 15:10 - 2018-07-04 14:49 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Kooperativa
2018-06-14 13:22 - 2018-06-25 12:50 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Žižkov
2018-06-14 12:05 - 2018-07-03 09:27 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Trenéři
2018-06-14 09:03 - 2018-07-03 20:05 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Nová složka
2018-06-13 15:00 - 2018-06-08 20:41 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-13 15:00 - 2018-06-08 19:04 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-13 15:00 - 2018-06-08 18:51 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-13 15:00 - 2018-06-08 18:47 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-13 15:00 - 2018-06-08 11:31 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-13 15:00 - 2018-06-08 11:30 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-06-13 15:00 - 2018-06-08 11:29 - 002753048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-13 15:00 - 2018-06-08 11:29 - 000885880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-13 15:00 - 2018-06-08 11:09 - 002242216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-13 15:00 - 2018-06-08 11:09 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-13 15:00 - 2018-06-08 11:04 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-13 15:00 - 2018-06-08 11:01 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-13 15:00 - 2018-06-08 10:59 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 15:00 - 2018-06-08 10:58 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 15:00 - 2018-06-08 10:58 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-13 15:00 - 2018-06-08 10:56 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-13 15:00 - 2018-06-08 10:56 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-13 15:00 - 2018-06-08 10:54 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-13 15:00 - 2018-06-08 10:53 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 15:00 - 2018-05-20 13:26 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-13 15:00 - 2018-05-20 13:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-13 15:00 - 2018-05-20 13:23 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-13 15:00 - 2018-05-20 13:17 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-13 15:00 - 2018-05-20 13:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-13 15:00 - 2018-05-20 13:13 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-13 14:59 - 2018-06-08 21:02 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-13 14:59 - 2018-06-08 21:02 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-13 14:59 - 2018-06-08 21:01 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-06-13 14:59 - 2018-06-08 20:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-13 14:59 - 2018-06-08 20:45 - 012712448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-13 14:59 - 2018-06-08 20:45 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-13 14:59 - 2018-06-08 20:43 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-13 14:59 - 2018-06-08 20:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-06-13 14:59 - 2018-06-08 20:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-13 14:59 - 2018-06-08 20:42 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-06-13 14:59 - 2018-06-08 20:42 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-13 14:59 - 2018-06-08 18:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-13 14:59 - 2018-06-08 18:48 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-13 14:59 - 2018-06-08 18:06 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-13 14:59 - 2018-06-08 18:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-13 14:59 - 2018-06-08 16:00 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 14:59 - 2018-06-08 12:38 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-13 14:59 - 2018-06-08 12:37 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-13 14:59 - 2018-06-08 12:31 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-13 14:59 - 2018-06-08 12:31 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-13 14:59 - 2018-06-08 12:30 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-13 14:59 - 2018-06-08 11:33 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-13 14:59 - 2018-06-08 11:33 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-13 14:59 - 2018-06-08 11:33 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-13 14:59 - 2018-06-08 11:31 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-13 14:59 - 2018-06-08 11:30 - 009148320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-13 14:59 - 2018-06-08 11:30 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-13 14:59 - 2018-06-08 11:30 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-13 14:59 - 2018-06-08 11:30 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-13 14:59 - 2018-06-08 11:30 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-13 14:59 - 2018-06-08 11:30 - 000134584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 007520000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 006817384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 004403280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 002836384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-13 14:59 - 2018-06-08 11:29 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-13 14:59 - 2018-06-08 11:29 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 001611592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-13 14:59 - 2018-06-08 11:29 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-13 14:59 - 2018-06-08 11:29 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 14:59 - 2018-06-08 11:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-13 14:59 - 2018-06-08 11:13 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-13 14:59 - 2018-06-08 11:12 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-13 14:59 - 2018-06-08 11:12 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-13 14:59 - 2018-06-08 11:11 - 001461744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-13 14:59 - 2018-06-08 11:10 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-13 14:59 - 2018-06-08 11:10 - 002331584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-13 14:59 - 2018-06-08 11:10 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-13 14:59 - 2018-06-08 11:10 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 006569960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 006527064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 004788512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 001980872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 001709720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 001380200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-06-13 14:59 - 2018-06-08 11:09 - 001020168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-06-13 14:59 - 2018-06-08 11:03 - 022005760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-13 14:59 - 2018-06-08 11:02 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-13 14:59 - 2018-06-08 11:01 - 004563456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-13 14:59 - 2018-06-08 11:00 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-13 14:59 - 2018-06-08 11:00 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-06-13 14:59 - 2018-06-08 11:00 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-13 14:59 - 2018-06-08 10:59 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-13 14:59 - 2018-06-08 10:59 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-13 14:59 - 2018-06-08 10:59 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-06-13 14:59 - 2018-06-08 10:58 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-13 14:59 - 2018-06-08 10:58 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-06-13 14:59 - 2018-06-08 10:58 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-13 14:59 - 2018-06-08 10:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-13 14:59 - 2018-06-08 10:57 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-13 14:59 - 2018-06-08 10:56 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-13 14:59 - 2018-06-08 10:56 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-13 14:59 - 2018-06-08 10:56 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-13 14:59 - 2018-06-08 10:56 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-13 14:59 - 2018-06-08 10:56 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-13 14:59 - 2018-06-08 10:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-13 14:59 - 2018-06-08 10:56 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-13 14:59 - 2018-06-08 10:55 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 14:59 - 2018-06-08 10:55 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-13 14:59 - 2018-06-08 10:55 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-13 14:59 - 2018-06-08 10:55 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-13 14:59 - 2018-06-08 10:55 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-06-13 14:59 - 2018-06-08 10:55 - 001371648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-13 14:59 - 2018-06-08 10:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-13 14:59 - 2018-06-08 10:55 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 14:59 - 2018-06-08 10:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-13 14:59 - 2018-06-08 10:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 14:59 - 2018-06-08 10:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-13 14:59 - 2018-06-08 10:54 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 14:59 - 2018-06-08 10:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 14:59 - 2018-06-06 20:57 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-13 14:59 - 2018-06-06 06:20 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-13 14:59 - 2018-05-20 21:43 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-13 14:59 - 2018-05-20 21:42 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-06-13 14:59 - 2018-05-20 21:23 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-13 14:59 - 2018-05-20 21:23 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-06-13 14:59 - 2018-05-20 21:23 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-13 14:59 - 2018-05-20 21:22 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-13 14:59 - 2018-05-20 21:22 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-06-13 14:59 - 2018-05-20 20:14 - 020383712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-13 14:59 - 2018-05-20 20:00 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-06-13 14:59 - 2018-05-20 18:59 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-13 14:59 - 2018-05-20 18:45 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-13 14:59 - 2018-05-20 13:53 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-13 14:59 - 2018-05-20 13:53 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-13 14:59 - 2018-05-20 13:52 - 007436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-13 14:59 - 2018-05-20 13:52 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-13 14:59 - 2018-05-20 13:34 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-13 14:59 - 2018-05-20 13:33 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 14:59 - 2018-05-20 13:32 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-13 14:59 - 2018-05-20 13:32 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-13 14:59 - 2018-05-20 13:31 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-13 14:59 - 2018-05-20 13:30 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-13 14:59 - 2018-05-20 13:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-13 14:59 - 2018-05-20 13:24 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-13 14:59 - 2018-05-20 13:23 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 14:59 - 2018-05-20 13:23 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-13 14:59 - 2018-05-20 13:23 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-13 14:59 - 2018-05-20 13:23 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-06-13 14:59 - 2018-05-20 13:21 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-13 14:59 - 2018-05-20 13:21 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-13 14:59 - 2018-05-20 13:21 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-13 14:59 - 2018-05-20 13:12 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-13 14:59 - 2018-05-20 13:11 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-13 14:58 - 2018-06-08 21:07 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-13 14:58 - 2018-06-08 21:05 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-13 14:58 - 2018-06-08 21:02 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-06-13 14:58 - 2018-06-08 21:01 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-13 14:58 - 2018-06-08 20:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-06-13 14:58 - 2018-06-08 20:47 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-13 14:58 - 2018-06-08 20:45 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-13 14:58 - 2018-06-08 20:45 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-13 14:58 - 2018-06-08 20:44 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-06-13 14:58 - 2018-06-08 20:44 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-13 14:58 - 2018-06-08 20:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-13 14:58 - 2018-06-08 20:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-06-13 14:58 - 2018-06-08 20:43 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-13 14:58 - 2018-06-08 20:43 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-13 14:58 - 2018-06-08 20:43 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-13 14:58 - 2018-06-08 20:43 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-06-13 14:58 - 2018-06-08 20:42 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-13 14:58 - 2018-06-08 20:42 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-13 14:58 - 2018-06-08 20:42 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-06-13 14:58 - 2018-06-08 20:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-13 14:58 - 2018-06-08 20:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-13 14:58 - 2018-06-08 20:41 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-06-13 14:58 - 2018-06-08 20:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-13 14:58 - 2018-06-08 20:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-06-13 14:58 - 2018-06-08 20:40 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-06-13 14:58 - 2018-06-08 18:58 - 002206544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-06-13 14:58 - 2018-06-08 18:58 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-13 14:58 - 2018-06-08 18:50 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-06-13 14:58 - 2018-06-08 18:47 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-06-13 14:58 - 2018-06-08 18:47 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-06-13 14:58 - 2018-06-08 18:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-13 14:58 - 2018-06-08 18:47 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-06-13 14:58 - 2018-06-08 18:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-06-13 14:58 - 2018-06-08 18:46 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-13 14:58 - 2018-06-08 18:46 - 002016256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-13 14:58 - 2018-06-08 18:46 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-06-13 14:58 - 2018-06-08 18:45 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-13 14:58 - 2018-06-08 18:05 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-13 14:58 - 2018-06-08 16:00 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-06-13 14:58 - 2018-06-08 12:35 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-13 14:58 - 2018-06-08 12:35 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-13 14:58 - 2018-06-08 12:34 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-13 14:58 - 2018-06-08 12:34 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-13 14:58 - 2018-06-08 12:31 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 14:58 - 2018-06-08 11:34 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-13 14:58 - 2018-06-08 11:34 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-13 14:58 - 2018-06-08 11:33 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-06-13 14:58 - 2018-06-08 11:31 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-06-13 14:58 - 2018-06-08 11:30 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-13 14:58 - 2018-06-08 11:30 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-13 14:58 - 2018-06-08 11:30 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 14:58 - 2018-06-08 11:30 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 14:58 - 2018-06-08 11:30 - 000567184 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-06-13 14:58 - 2018-06-08 11:30 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-06-13 14:58 - 2018-06-08 11:30 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 14:58 - 2018-06-08 11:30 - 000491328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-13 14:58 - 2018-06-08 11:30 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-13 14:58 - 2018-06-08 11:30 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-13 14:58 - 2018-06-08 11:29 - 002564984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001946328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001921952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-13 14:58 - 2018-06-08 11:29 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001288816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001150416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001148808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001112608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-13 14:58 - 2018-06-08 11:29 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-13 14:58 - 2018-06-08 11:29 - 000792992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-13 14:58 - 2018-06-08 11:29 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-06-13 14:58 - 2018-06-08 11:29 - 000413824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 000413088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-13 14:58 - 2018-06-08 11:29 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-13 14:58 - 2018-06-08 11:29 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-06-13 14:58 - 2018-06-08 11:29 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-13 14:58 - 2018-06-08 11:29 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-13 14:58 - 2018-06-08 11:11 - 000550616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-13 14:58 - 2018-06-08 11:10 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-06-13 14:58 - 2018-06-08 11:10 - 001397200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-06-13 14:58 - 2018-06-08 11:10 - 001011992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-13 14:58 - 2018-06-08 11:10 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-06-13 14:58 - 2018-06-08 11:10 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 002535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 001805776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 001129648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 000988136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 000770160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-06-13 14:58 - 2018-06-08 11:09 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-13 14:58 - 2018-06-08 11:03 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-13 14:58 - 2018-06-08 11:03 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-13 14:58 - 2018-06-08 11:03 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-13 14:58 - 2018-06-08 11:03 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-06-13 14:58 - 2018-06-08 11:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-06-13 14:58 - 2018-06-08 11:02 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-06-13 14:58 - 2018-06-08 11:02 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-13 14:58 - 2018-06-08 11:01 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-13 14:58 - 2018-06-08 11:01 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-13 14:58 - 2018-06-08 11:01 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-13 14:58 - 2018-06-08 11:01 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-06-13 14:58 - 2018-06-08 11:01 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-13 14:58 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-13 14:58 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 14:58 - 2018-06-08 11:00 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-13 14:58 - 2018-06-08 11:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-06-13 14:58 - 2018-06-08 11:00 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-06-13 14:58 - 2018-06-08 11:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-13 14:58 - 2018-06-08 11:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-13 14:58 - 2018-06-08 11:00 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-13 14:58 - 2018-06-08 10:59 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-13 14:58 - 2018-06-08 10:59 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-06-13 14:58 - 2018-06-08 10:59 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-13 14:58 - 2018-06-08 10:59 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-13 14:58 - 2018-06-08 10:59 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-06-13 14:58 - 2018-06-08 10:59 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 14:58 - 2018-06-08 10:59 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-13 14:58 - 2018-06-08 10:58 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-06-13 14:58 - 2018-06-08 10:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-06-13 14:58 - 2018-06-08 10:58 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-13 14:58 - 2018-06-08 10:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-06-13 14:58 - 2018-06-08 10:57 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-13 14:58 - 2018-06-08 10:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-06-13 14:58 - 2018-06-08 10:57 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-06-13 14:58 - 2018-06-08 10:57 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-13 14:58 - 2018-06-08 10:57 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-06-13 14:58 - 2018-06-08 10:57 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-13 14:58 - 2018-06-08 10:57 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 14:58 - 2018-06-08 10:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-13 14:58 - 2018-06-08 10:56 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-13 14:58 - 2018-06-08 10:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 001033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-06-13 14:58 - 2018-06-08 10:55 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 14:58 - 2018-06-08 10:55 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-06-13 14:58 - 2018-06-08 10:54 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-13 14:58 - 2018-06-08 10:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-06-13 14:58 - 2018-06-08 10:53 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-13 14:58 - 2018-06-08 10:53 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-06-13 14:58 - 2018-06-08 10:53 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-06-13 14:58 - 2018-06-08 10:53 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 14:58 - 2018-06-08 10:53 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 14:58 - 2018-06-08 10:53 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-13 14:58 - 2018-06-08 09:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-06-13 14:58 - 2018-06-02 01:24 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-13 14:58 - 2018-06-02 00:54 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-13 14:58 - 2018-05-25 05:24 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-06-13 14:58 - 2018-05-20 21:45 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-13 14:58 - 2018-05-20 21:42 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-13 14:58 - 2018-05-20 21:26 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-06-13 14:58 - 2018-05-20 21:22 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-13 14:58 - 2018-05-20 21:22 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-06-13 14:58 - 2018-05-20 20:15 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-13 14:58 - 2018-05-20 20:14 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-13 14:58 - 2018-05-20 20:02 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-13 14:58 - 2018-05-20 19:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-13 14:58 - 2018-05-20 19:59 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-13 14:58 - 2018-05-20 18:39 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-13 14:58 - 2018-05-20 18:35 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-13 14:58 - 2018-05-20 18:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-13 14:58 - 2018-05-20 16:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-13 14:58 - 2018-05-20 14:33 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-13 14:58 - 2018-05-20 13:53 - 001947808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-13 14:58 - 2018-05-20 13:53 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-13 14:58 - 2018-05-20 13:53 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-06-13 14:58 - 2018-05-20 13:53 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-06-13 14:58 - 2018-05-20 13:52 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-13 14:58 - 2018-05-20 13:52 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-06-13 14:58 - 2018-05-20 13:52 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-06-13 14:58 - 2018-05-20 13:34 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-13 14:58 - 2018-05-20 13:33 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-13 14:58 - 2018-05-20 13:32 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-13 14:58 - 2018-05-20 13:32 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-13 14:58 - 2018-05-20 13:32 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-13 14:58 - 2018-05-20 13:32 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-13 14:58 - 2018-05-20 13:28 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-13 14:58 - 2018-05-20 13:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-13 14:58 - 2018-05-20 13:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-13 14:58 - 2018-05-20 13:27 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-06-13 14:58 - 2018-05-20 13:27 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-13 14:58 - 2018-05-20 13:26 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-06-13 14:58 - 2018-05-20 13:26 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-13 14:58 - 2018-05-20 13:26 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-13 14:58 - 2018-05-20 13:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-06-13 14:58 - 2018-05-20 13:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-13 14:58 - 2018-05-20 13:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-06-13 14:58 - 2018-05-20 13:25 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-13 14:58 - 2018-05-20 13:25 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-06-13 14:58 - 2018-05-20 13:24 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-13 14:58 - 2018-05-20 13:21 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-13 14:58 - 2018-05-20 13:21 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-13 14:58 - 2018-05-20 13:16 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-13 14:58 - 2018-05-20 13:16 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-13 14:58 - 2018-05-20 13:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-13 14:58 - 2018-05-20 13:15 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-13 14:58 - 2018-05-20 13:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-13 14:58 - 2018-05-20 13:14 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-06-13 14:58 - 2018-05-20 13:14 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-13 14:58 - 2018-05-20 13:13 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-13 14:58 - 2018-05-20 13:12 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 14:58 - 2018-05-20 13:11 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-13 14:58 - 2018-05-20 10:26 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-06-13 14:58 - 2018-05-18 19:08 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-06-09 16:44 - 2018-06-09 17:18 - 501032960 _____ C:\Users\UZIVATEL\Downloads\The Fall-01x03.díl.avi
2018-06-09 16:44 - 2018-06-09 17:18 - 501000192 _____ C:\Users\UZIVATEL\Downloads\The Fall-01x01.díl.avi
2018-06-09 16:44 - 2018-06-09 17:17 - 500994048 _____ C:\Users\UZIVATEL\Downloads\The Fall-01x02.díl.avi
2018-06-09 16:31 - 2018-06-09 17:57 - 1440678968 _____ C:\Users\UZIVATEL\Downloads\! Krajinou domova, 2-8, České středohoří.ts
2018-06-08 11:07 - 2018-06-08 11:07 - 000022860 _____ C:\Users\UZIVATEL\Desktop\Seznam_pro_miminko.xlsx
2018-06-06 22:38 - 2018-06-06 22:38 - 000002016 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2018-06-06 22:38 - 2018-06-06 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-06-06 22:38 - 2018-06-06 22:38 - 000000000 ____D C:\ProgramData\ESET
2018-06-06 13:19 - 2018-07-04 14:30 - 000015848 _____ C:\Users\UZIVATEL\Desktop\A-mužstvo příprava léto 2018.xlsx
2018-06-04 11:21 - 2018-06-04 11:30 - 153695346 _____ C:\Users\UZIVATEL\Downloads\Nejšťastnější-miminko-v-okolí---Harvey-Karp.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-04 20:28 - 2018-01-01 21:38 - 000000000 ____D C:\Users\UZIVATEL\AppData\LocalLow\Mozilla
2018-07-04 20:03 - 2018-05-26 14:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-04 20:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-04 20:03 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-04 19:42 - 2018-05-26 14:41 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-04 19:42 - 2018-04-12 17:50 - 000717712 _____ C:\WINDOWS\system32\perfh005.dat
2018-07-04 19:42 - 2018-04-12 17:50 - 000144954 _____ C:\WINDOWS\system32\perfc005.dat
2018-07-04 19:42 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-04 19:37 - 2017-01-19 01:14 - 000000184 _____ C:\Users\UZIVATEL\AppData\Roaming\sp_data.sys
2018-07-04 19:36 - 2018-05-26 14:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-04 19:36 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-04 19:36 - 2017-01-19 00:26 - 000000000 __SHD C:\Users\UZIVATEL\IntelGraphicsProfiles
2018-07-04 18:44 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-04 15:18 - 2018-01-13 19:22 - 000000000 ____D C:\Users\UZIVATEL\AppData\Local\Packages
2018-07-04 14:36 - 2017-12-30 19:11 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Dopisy pan Jícha
2018-07-04 12:30 - 2018-01-01 21:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-04 12:30 - 2018-01-01 21:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-04 10:06 - 2018-01-01 21:38 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-03 18:16 - 2017-01-19 01:42 - 000000000 ____D C:\Users\UZIVATEL\AppData\Roaming\vlc
2018-07-03 10:12 - 2017-12-30 19:12 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Hráči
2018-07-03 10:06 - 2018-01-05 23:50 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Ostatní
2018-07-03 09:34 - 2018-01-13 16:31 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Movies
2018-07-03 09:33 - 2017-12-30 19:11 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Dopisy
2018-07-03 09:32 - 2018-05-20 21:13 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Byt Brechtova
2018-07-03 09:31 - 2017-02-07 11:25 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Licence
2018-07-03 09:30 - 2017-12-30 19:14 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Zasedání
2018-07-02 08:02 - 2018-05-15 14:05 - 000016817 _____ C:\Users\UZIVATEL\Desktop\Termínová listina podzim 2018.xlsx
2018-07-01 21:24 - 2018-04-08 20:53 - 000000000 ____D C:\Users\UZIVATEL\Downloads\Nová složka
2018-06-29 22:14 - 2017-01-19 01:46 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-06-29 22:14 - 2017-01-19 01:46 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-06-29 22:14 - 2017-01-19 01:46 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-06-29 22:14 - 2017-01-19 01:46 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-06-29 22:14 - 2017-01-19 01:46 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-06-29 22:14 - 2017-01-19 01:46 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-06-29 22:14 - 2017-01-19 01:46 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-06-29 22:13 - 2017-01-19 01:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-06-27 19:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-26 10:57 - 2018-01-08 15:48 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Ost
2018-06-26 10:18 - 2018-05-26 14:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-26 09:32 - 2017-01-19 01:21 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-22 20:46 - 2018-05-26 14:41 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3478384942-2814482159-1948803514-1001
2018-06-22 20:46 - 2018-05-26 14:34 - 000002400 _____ C:\Users\UZIVATEL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-22 20:46 - 2017-01-19 00:24 - 000000000 ___RD C:\Users\UZIVATEL\OneDrive
2018-06-18 15:04 - 2017-01-19 01:28 - 000000000 ____D C:\Users\UZIVATEL\AppData\Local\Adobe
2018-06-18 15:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-18 15:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-18 13:38 - 2014-01-02 14:47 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Tabulky
2018-06-13 18:58 - 2018-01-13 19:28 - 000000000 ___RD C:\Users\UZIVATEL\3D Objects
2018-06-13 18:58 - 2017-01-19 00:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-13 18:57 - 2018-05-26 14:32 - 000398680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-06-13 18:56 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-13 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-13 18:56 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-13 15:05 - 2017-01-19 00:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-13 15:03 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-13 15:03 - 2017-12-30 19:09 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 15:03 - 2017-01-19 00:51 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-09 16:50 - 2018-05-28 16:31 - 000000000 ____D C:\Users\UZIVATEL\AppData\Local\D3DSCache
2018-06-09 09:09 - 2018-05-26 14:41 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-06-08 12:13 - 2017-01-19 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2018-06-08 12:13 - 2017-01-19 01:50 - 000000000 ____D C:\Program Files\KMSpico
2018-06-07 09:26 - 2017-01-19 01:57 - 000000000 ____D C:\Users\UZIVATEL\AppData\Local\ESET
2018-06-06 22:48 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-06-06 22:38 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-06-06 22:38 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-06-06 22:38 - 2017-01-19 01:56 - 000000000 ____D C:\Program Files\ESET
2018-06-06 22:38 - 2017-01-19 00:52 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-06-06 20:16 - 2018-01-05 23:44 - 000000000 ____D C:\Users\UZIVATEL\Desktop\Disk
2018-06-06 01:29 - 2018-04-12 01:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:29 - 2018-04-12 01:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-01-19 01:14 - 2018-07-04 19:37 - 000000184 _____ () C:\Users\UZIVATEL\AppData\Roaming\sp_data.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-26 14:32

==================== End of FRST.txt ============================

[curt-xx]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by UZIVATEL (04-07-2018 20:35:56)
Running from C:\Users\UZIVATEL\Desktop
Windows 10 Home Version 1803 17134.112 (X64) (2018-05-26 12:41:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3478384942-2814482159-1948803514-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3478384942-2814482159-1948803514-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3478384942-2814482159-1948803514-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3478384942-2814482159-1948803514-501 - Limited - Disabled)
UZIVATEL (S-1-5-21-3478384942-2814482159-1948803514-1001 - Administrator - Enabled) => C:\Users\UZIVATEL
WDAGUtilityAccount (S-1-5-21-3478384942-2814482159-1948803514-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{5013D154-A876-4AE4-B4A6-43C3B39BF174}) (Version: 20.8.20117.44411 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5013D154-A876-4AE4-B4A6-43C3B39BF174}) (Version: 20.8.20117.44411 - Alcor Micro Corp.)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.14 - ASUS)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0042 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.142 - ICEpower a/s)
Balíček ovladače systému Windows - ASUS (AsusPTPDrv) HIDClass (02/25/2016 11.0.0.8) (HKLM\...\C876BE7978CF162DC7BA3966A7B8C3A1A33FFB83) (Version: 02/25/2016 11.0.0.8 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.34.52 - Conexant)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10604.207 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d4874f67-8c81-475b-91e0-8de9b2892499}) (Version: 10.1.1.12 - Intel(R) Corporation) Hidden
Intel® Integrated Sensor Solution (HKLM-x32\...\{755abcd0-2942-482b-a27d-22921a5849f0}) (Version: 3.0.14.3056 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{7E28859E-AD3D-4FC2-8D70-E345F8C87722}) (Version: 3.0.14.3056 - Intel Corporation) Hidden
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3478384942-2814482159-1948803514-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Mozilla Firefox 61.0 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0 (x64 en-US)) (Version: 61.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.6.34 - Nike)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
OpenVPN 2.4.4-I601 (HKLM\...\OpenVPN) (Version: 2.4.4-I601 - OpenVPN Technologies, Inc.)
PrimoPDF -- by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
Software602 Form Filler (HKLM-x32\...\{04703FE3-1A8B-4467-88E6-3D6A1A0FA65A}) (Version: 4.70 - Software602 a.s.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xml Viewer (HKLM-x32\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-19] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AF4F696-437B-4602-B190-5E7751D6243E} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {18F7D908-5B76-4024-8312-DAB332088D76} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-29] (Microsoft Corporation)
Task: {197B9C85-4FA2-44F5-88B2-BBB147BC907A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {199ED160-D876-4C58-8F66-CD185C261641} - System32\Tasks\CheckFlipService => C:\Program Files\ASUS\ASUS FlipLock\CheckFlipService.exe [2015-11-18] ()
Task: {3DB73CA5-2719-4DC8-9111-1BEFFA9401A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-29] (Microsoft Corporation)
Task: {424E2C1A-17EE-4EA2-B8D1-6FCC2C87DDBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-19] (Google Inc.)
Task: {44B4F900-9F7F-46FE-B37A-D5AA9FE62DF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {4A8F3A13-422D-45CC-A94A-D7DCB9DD9B79} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-29] (Microsoft Corporation)
Task: {4B2032C7-6C59-42A0-A859-A3A3EA95AAC8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {5489D555-C3E0-4E26-AD12-0C81BD44776B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {688450FB-3E53-46C5-B67A-A8AE7C6C1E8E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {7093AF27-8EF3-4CFE-BED8-8DEED5E965BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-29] (Microsoft Corporation)
Task: {758CC3FF-E5ED-45A5-8B15-C205450ECCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-19] (Google Inc.)
Task: {98883004-641F-4BB5-8353-95B253869CCB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A7ECF434-6756-4742-B633-7E80FC48FBFC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {B812ACBD-181A-4966-861C-178D407652FE} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-06-29] (Microsoft Corporation)
Task: {B98E1C89-965B-4D76-BB96-A02704893232} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-20] (Microsoft Corporation)
Task: {BFB0AF45-4447-4FC7-BA3A-8748D77D64F4} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {C0881283-6D0E-4C9F-8C29-C171EFB911C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-20] (Microsoft Corporation)
Task: {C7D58BBB-A97D-47F4-8C75-6DB704E5346F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-18] (Adobe Systems Incorporated)
Task: {D11BF240-F3A2-4A67-A6CB-4C6AF3C6B326} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {D89437F7-4F2B-4D07-98FA-26428A04A11F} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-12-02] (ASUS)
Task: {E9824745-E690-4FAB-AD0A-2AA6F7E8EC9F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {EF444C7E-7278-48D2-B80A-2E608B0FEB5A} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {F0BDAB5A-4917-4810-96E8-A96A8A897FAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-18] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-01-19 01:39 - 2009-07-31 03:58 - 000090624 _____ () C:\WINDOWS\System32\Primomonnt.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-13 14:59 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-11-18 13:46 - 2015-11-18 13:46 - 000016312 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipControlPTP.exe
2015-11-18 13:46 - 2015-11-18 13:46 - 000028088 _____ () C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
2018-05-23 09:18 - 2018-05-23 09:19 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 09:18 - 2018-05-23 09:19 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 09:18 - 2018-05-23 09:19 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 09:18 - 2018-05-23 09:19 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-23 09:18 - 2018-05-23 09:18 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-09-26 12:07 - 2017-09-26 12:07 - 000643200 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2015-11-18 13:46 - 2015-11-18 13:46 - 000018872 _____ () C:\Program Files\ASUS\ASUS FlipLock\WifiPowerManager.exe
2018-06-22 10:24 - 2018-06-22 10:40 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-06-22 10:24 - 2018-06-22 10:24 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-22 10:24 - 2018-06-22 10:40 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-06-08 09:28 - 2018-06-08 09:29 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-08 09:28 - 2018-06-08 09:29 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-01-13 20:01 - 2018-01-13 20:01 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-30 09:05 - 2018-05-30 09:07 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-04-26 14:11 - 2018-04-26 14:11 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-30 09:05 - 2018-05-30 09:06 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-30 09:05 - 2018-05-30 09:07 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 14:06 - 2018-04-05 14:07 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-08 09:28 - 2018-06-08 09:30 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-30 09:05 - 2018-05-30 09:06 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-08 09:28 - 2018-06-08 09:28 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 09:05 - 2018-05-30 09:07 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-30 09:05 - 2018-05-30 09:07 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-30 09:05 - 2018-05-30 09:06 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-05-30 09:05 - 2018-05-30 09:07 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-05 14:06 - 2018-04-05 14:07 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-06-08 09:28 - 2018-06-08 09:30 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-27 13:04 - 2018-05-27 13:04 - 004193792 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-05-03 09:35 - 2018-05-03 09:35 - 000634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-05-31 13:39 - 2018-05-31 13:41 - 001280176 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2015-12-02 19:01 - 2015-12-02 19:01 - 000027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-02 19:01 - 2015-12-02 19:01 - 000124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-02 19:01 - 2015-12-02 19:01 - 000029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2015-11-18 13:46 - 2015-11-18 13:46 - 000009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3478384942-2814482159-1948803514-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "egui"
HKLM\...\StartupApproved\Run32: => "Nike+ Connect"
HKU\S-1-5-21-3478384942-2814482159-1948803514-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3478384942-2814482159-1948803514-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BF7D136F-E9A9-457E-8756-101DB3D04C01}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{997E52DA-D06F-49E8-9F07-426EE392BF9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{43064395-D692-45DF-A369-1CD9954341AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{82C180E2-B968-488E-988A-BE412CA604B9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{CC126CA7-8104-4C54-BB7C-B3FEFFB23C4A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{D13368AB-0DF1-4A9A-8E5C-DA00E4E09D60}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{8BC074A6-8379-4BF4-8ED3-7409D0897BDA}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{FD3C5A8F-E6C8-4DEA-A3DD-8184B9A62D9B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{57A2BA08-B2BD-408A-B8CC-96A063A387A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{12C910CA-E283-4AD6-95D3-443024C412D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B867E928-DD4F-4741-BBF9-7AEEFA6A600A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{19C7E4D2-1C1D-4966-AEF6-4958CACE67CE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FF468B60-7114-4658-BD20-F92C5BFE6A42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2018 07:28:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17134.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 18a8

Čas spuštění: 01d413bc531ecdcc

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 7b2b09fb-96e0-4862-9a77-0d33f9800e67

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (07/04/2018 06:55:27 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10604.207) TYPE: ERROR

DPTF Build Version: 8.1.10604.207
DPTF Build Date: Sep 14 2015 13:13:11
Source File: ..\..\..\Sources\Manager\WIPolicyPassiveTableChanged.cpp @ line 52
Executing Function: WIPolicyPassiveTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyPassiveTableChanged [37]
Policy: Passive Policy 2 [0]
Exception Function: Policy::executePolicyPassiveTableChanged
Exception Text:

DPTF Build Version: 8.1.10604.207
DPTF Build Date: Sep 14 2015 13:13:11
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_PASSIVE_RELATIONSHIP_TABLE [234]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]

Error: (07/03/2018 08:04:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WINWORD.EXE verze 16.0.10228.20080 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 8e4

Čas spuštění: 01d412f5cabfb725

Čas ukončení: 14

Cesta k aplikaci: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE

ID hlášení: 24314b1e-574c-4049-b840-d19f2d22c583

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (07/03/2018 05:58:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17134.112 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1c4

Čas spuštění: 01d412e6a45ac779

Čas ukončení: 14

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID hlášení: f182bd9d-34eb-4fe8-849d-ebe8956fd42f

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ContentProcess

Error: (07/03/2018 05:58:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17134.112 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 3ebc

Čas spuštění: 01d412e694a3fa6c

Čas ukončení: 1481

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID hlášení: b13aa546-66ec-4f64-89e6-0c5d13c9acfd

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ContentProcess

Error: (07/03/2018 05:58:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17134.112 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2fbc

Čas spuštění: 01d412e6908f204e

Čas ukončení: 4563

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID hlášení: 66172dc5-9a8e-4913-9bae-80b5fb34c4db

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ContentProcess

Error: (07/03/2018 05:57:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17134.112 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 3a80

Čas spuštění: 01d412e6810217a8

Čas ukončení: 4501

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID hlášení: 90176a3f-b894-4036-9656-f2a407779be8

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ContentProcess

Error: (07/03/2018 05:57:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17134.112 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 24c8

Čas spuštění: 01d412e67d963a7d

Čas ukončení: 2625

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID hlášení: ccba34e5-9250-450f-b452-fedd3adb7eda

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ContentProcess


System errors:
=============
Error: (07/04/2018 08:27:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-PD6FU82)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-PD6FU82\UZIVATEL (SID: S-1-5-21-3478384942-2814482159-1948803514-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/04/2018 08:26:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-PD6FU82)
Description: Server Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe!Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/04/2018 07:38:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/04/2018 07:38:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/04/2018 07:36:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/04/2018 07:36:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/04/2018 07:36:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/04/2018 07:36:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-07-04 20:27:08.411
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E50582B1-CC85-4F35-8B3F-2523CBB94756}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-04 20:21:35.705
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {150F97CC-24C4-4ACB-A980-E112D16CADF8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-04 20:10:20.342
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\UZIVATEL\AppData\Local\Temp\8Peu2zjQ.exe.part
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-PD6FU82\UZIVATEL
Název procesu: C:\Program Files\Mozilla Firefox\firefox.exe
Verze podpisu: AV: 1.271.488.0, AS: 1.271.488.0, NIS: 1.271.488.0
Verze modulu: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-04 20:04:56.433
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2D03DB13-7A9B-4117-BF99-EE08598F2E4D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-03 13:57:19.671
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8A7B7210-7DDA-4CE3-8F3E-3906F78A206B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-22 18:17:46.495
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2018-06-18 09:15:46.370
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) m3-6Y30 CPU @ 0.90GHz
Percentage of memory in use: 43%
Total physical RAM: 3992.29 MB
Available physical RAM: 2236.52 MB
Total Virtual: 7064.29 MB
Available Virtual: 4738.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.69 GB) (Free:26.84 GB) NTFS

\\?\Volume{42e8125a-a59c-41b3-b6f2-54c15e63b7a5}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{cd05e90d-066e-4e59-a179-97219999981a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 75DADD4E)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {424E2C1A-17EE-4EA2-B8D1-6FCC2C87DDBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-19] (Google Inc.)
Task: {758CC3FF-E5ED-45A5-8B15-C205450ECCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-19] (Google Inc.)
Task: {98883004-641F-4BB5-8353-95B253869CCB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[curt-xx]

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by UZIVATEL (04-07-2018 21:35:49) Run:1
Running from C:\Users\UZIVATEL\Desktop
Loaded Profiles: UZIVATEL (Available Profiles: defaultuser0 & UZIVATEL)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {424E2C1A-17EE-4EA2-B8D1-6FCC2C87DDBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-19] (Google Inc.)
Task: {758CC3FF-E5ED-45A5-8B15-C205450ECCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-19] (Google Inc.)
Task: {98883004-641F-4BB5-8353-95B253869CCB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{424E2C1A-17EE-4EA2-B8D1-6FCC2C87DDBB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{424E2C1A-17EE-4EA2-B8D1-6FCC2C87DDBB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{758CC3FF-E5ED-45A5-8B15-C205450ECCC3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{758CC3FF-E5ED-45A5-8B15-C205450ECCC3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98883004-641F-4BB5-8353-95B253869CCB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98883004-641F-4BB5-8353-95B253869CCB}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 153025490 B
Java, Flash, Steam htmlcache => 1139 B
Windows/system/drivers => 5863203 B
Edge => 229253259 B
Chrome => 57672572 B
Firefox => 382544801 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 11908 B
NetworkService => 0 B
defaultuser0 => 0 B
UZIVATEL => 201095055 B

RecycleBin => 1776245 B
EmptyTemp: => 991 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:37:41 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[curt-xx]

Od té doby nic, ale na druhou stranu jsem ntb moc nezatěžoval kazdopadne moc dekuji, uvidime v dalsich dnech, zda uz bude vse ok

[Rudy]

OK. Nechám to tu zatím otevřené. Zatím není zač!

[curt-xx]

Tak dnes ntb bohužel zase naběhl pouze do černé obrazovky, dke ale bez problému běhá kursor. Po stisku ctr alt del se dostanu do nabídky i na vypn utí či restart ntb, což jediné pomáhalo. tentokrát se ntb při restartu sekl úplně a musel jsem jej pak vypnout natvrdo.

[Rudy]

Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte. Vidím to ale spíš na nějakou systémovou chybu.

[curt-xx]

Níže zasílám scan. Pokud by slo o systemovou vec, co pro to pripadne mohu udelat v domacich podminkach? /Predem moc dekuji

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 08.07.18
Čas skenování: 11:47
Logovací soubor: fbe02184-8293-11e8-8c94-a434d9ea2bde.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.374
Aktualizovat verzi balíku komponent: 1.0.5819
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 17134.112)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-PD6FU82\UZIVATEL

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 309229
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 min, 50 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Rudy]

Jak je vidět, virový problém to není, log je čistý. Zkuste obnovu systému k datu, kdy korektně fungoval.