PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Pop-up windows

Zdenislav
Visitor
Posts: 40
Registered: 22 Apr 2006 14:24

#1 Post by Zdenislav »

Hello, these windows pop up when I try to open Chrome, can you please help me?
Thanks.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2018-10-31 23:49:13
Microsoft Windows 10 Home
System drive C: has 57 GB (47%) free of 121 GB
Total RAM: 16307 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:49:14, on 31.10.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
D:\Instalace her\world of tanks\WargamingGameUpdater.exe
C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Zdeněk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [World of Tanks] "D:\Instalace her\world of tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{550529d2-17b8-4077-b22f-01918cbcd69f}: NameServer = 192.168.1.1
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Intel(R) Driver and Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - D:\Instalace her\Airbone\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Protected Service (vsservp) - Unknown owner - C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 14997 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
dashost.exe {978f0d6b-bdc3-4976-9c9215b62d138040}
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
c:\windows\system32\svchost.exe -k localservice -p -s PhoneSvc
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"D:\Instalace her\Airbone\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
igfxEM.exe
igfxHK.exe
igfxTray.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"D:\Instalace her\world of tanks\WargamingGameUpdater.exe"
"C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s fhsvc
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
C:\WINDOWS\system32\HPSIsvc.exe
"C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0x364,0x368,0x374,0x370,0x378,0x7ffb83163228,0x7ffb83163238,0x7ffb83163248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2380 --on-initialized-event-handle=992 --parent-handle=996 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=4928AB2E7F71B0E3BD46BF24C3889028 --mojo-platform-channel-handle=1668 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --service-pipe-token=7C1852E45C1F45B2D895B1E4C5352410 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=7C1852E45C1F45B2D895B1E4C5352410 --renderer-client-id=3 --mojo-platform-channel-handle=3260 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --service-pipe-token=4D74A3EC8D5AF6BFF6B0A465523D5E4C --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=4D74A3EC8D5AF6BFF6B0A465523D5E4C --renderer-client-id=4 --mojo-platform-channel-handle=3588 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --service-pipe-token=93E6CF33753DFB67EAA4A7DE2CE029CC --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=93E6CF33753DFB67EAA4A7DE2CE029CC --renderer-client-id=5 --mojo-platform-channel-handle=3744 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --service-pipe-token=5505C8741A814B6B9D840851FDBBB610 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5505C8741A814B6B9D840851FDBBB610 --renderer-client-id=6 --mojo-platform-channel-handle=3856 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --service-pipe-token=B7D9267CF69A8AEC32553BA35CD90A26 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=B7D9267CF69A8AEC32553BA35CD90A26 --renderer-client-id=15 --mojo-platform-channel-handle=1180 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --service-pipe-token=465A076A9C5330E463C7590BE0602305 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=465A076A9C5330E463C7590BE0602305 --renderer-client-id=26 --mojo-platform-channel-handle=2976 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --lang=cs --service-sandbox-type=utility --service-request-channel-token=11C00D72664742136C0E2E9B7F165498 --mojo-platform-channel-handle=5888 --ignored=" --type=renderer " /prefetch:8
C:\WINDOWS\system32\AUDIODG.EXE 0x5c0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --service-pipe-token=F173C14C2013BD36EA93CC06C201960B --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=F173C14C2013BD36EA93CC06C201960B --renderer-client-id=44 --mojo-platform-channel-handle=8456 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1572,15983779808612084976,7307737418718140883,131072 --service-pipe-token=200E5EED8D74EBD4F2017ED53E54BC56 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=200E5EED8D74EBD4F2017ED53E54BC56 --renderer-client-id=46 --mojo-platform-channel-handle=9240 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv

C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2861560486-2024932042-3958806256-10017_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2861560486-2024932042-3958806256-10017 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Zdeněk\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.122 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.191.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.122 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-07-12 527928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30 883160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30 550360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-07-12 453688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30 759768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18 194424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30 505816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30 883160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30 759768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2016-07-30 163800]
"CL-22-B4ADED13-2FD4-4CC3-9FAB-96B990F5AAA0"=C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-B4ADED13-2FD4-4CC3-9FAB-96B990F5AAA0\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-B4ADED13-2FD4-4CC3-9FAB-96B990F5AAA0\Installer.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2017-08-05 4014136]
"World of Tanks"=D:\Instalace her\world of tanks\WargamingGameUpdater.exe [2018-06-25 3139936]
"OneDrive"=C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-10-15 1538656]
"PeerBlock"=C:\Program Files\PeerBlock\peerblock.exe [2014-01-14 2513992]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [2017-01-09 680520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-10-06 601424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
"EnableSecureUIAPath"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-10-31 23:48:02 ----D---- C:\rsit
2018-10-31 23:48:02 ----D---- C:\Program Files\trend micro
2018-10-31 23:46:57 ----D---- C:\FRST
2018-10-31 23:28:08 ----HD---- C:\OneDriveTemp
2018-10-31 23:27:49 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2018-10-31 23:14:21 ----D---- C:\WINDOWS\SYSWOW64\qfuywrai
2018-10-31 23:13:44 ----D---- C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c
2018-10-31 23:13:36 ----D---- C:\Program Files (x86)\Backs
2018-10-31 23:09:35 ----A---- C:\ProgramData\Bautr.exe
2018-10-31 22:26:59 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2018-10-21 17:41:27 ----D---- C:\Program Files (x86)\HiSuite
2018-10-10 18:31:31 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 18:31:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 18:31:29 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-10-10 18:31:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-10-10 18:31:04 ----A---- C:\WINDOWS\system32\shell32.dll
2018-10-10 18:31:03 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-10-10 18:31:02 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-10-10 18:31:02 ----A---- C:\WINDOWS\system32\wininet.dll
2018-10-10 18:31:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 18:31:01 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-10-10 18:31:01 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 18:31:01 ----A---- C:\WINDOWS\system32\InputService.dll
2018-10-10 18:31:01 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-10-10 18:31:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-10-10 18:31:00 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-10-10 18:30:59 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-10-10 18:30:59 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-10-10 18:30:59 ----A---- C:\WINDOWS\system32\msftedit.dll
2018-10-10 18:30:59 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 18:30:59 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 18:30:58 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-10-10 18:30:58 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-10-10 18:30:58 ----A---- C:\WINDOWS\system32\twinui.dll
2018-10-10 18:30:58 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 18:30:58 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-10-10 18:30:58 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 18:30:58 ----A---- C:\WINDOWS\system32\dosvc.dll
2018-10-10 18:30:58 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-10-10 18:30:57 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-10-10 18:30:57 ----A---- C:\WINDOWS\system32\wmp.dll
2018-10-10 18:30:57 ----A---- C:\WINDOWS\system32\winmsipc.dll
2018-10-10 18:30:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-10-10 18:30:57 ----A---- C:\WINDOWS\system32\msctf.dll
2018-10-10 18:30:57 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-10-10 18:30:56 ----A---- C:\WINDOWS\system32\aepic.dll
2018-10-10 18:30:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\system32\wsp_health.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-10-10 18:30:55 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-10-10 18:30:55 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-10-10 18:30:55 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 18:30:54 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2018-10-10 18:30:54 ----A---- C:\WINDOWS\SYSWOW64\winmsipc.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-10-10 18:30:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\WWAHost.exe
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\kerberos.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-10-10 18:30:54 ----A---- C:\WINDOWS\system32\devinv.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\system32\schannel.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\system32\invagent.dll
2018-10-10 18:30:53 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\wpnapps.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\win32spl.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\usocore.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\ubpm.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\fveapi.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\clusapi.dll
2018-10-10 18:30:52 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\resutils.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\dafBth.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\cryptui.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 18:30:51 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.XamlHost.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\winresume.exe
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\winload.exe
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\psmsrv.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\evr.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2018-10-10 18:30:50 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\winipcfile.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\sechost.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\scksp.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\mfps.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\das.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\bthserv.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\basecsp.dll
2018-10-10 18:30:49 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\winipcsecproc.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\winipcfile.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\user32.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-10-10 18:30:48 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Proximity.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\fdBth.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\wmpshell.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\thumbcache.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\themeui.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\SCardBi.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\ProximityService.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\itss.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\fdBth.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-10-10 18:30:47 ----A---- C:\WINDOWS\system32\aclui.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\INETRES.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\dtdump.exe
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\utcutil.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\INETRES.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\certprop.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\bthci.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\bdesvc.dll
2018-10-10 18:30:46 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll

======List of files/folders modified in the last 1 month======

2018-10-31 23:48:06 ----D---- C:\WINDOWS\Prefetch
2018-10-31 23:48:06 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-10-31 23:48:02 ----RD---- C:\Program Files
2018-10-31 23:47:56 ----D---- C:\Users\Zdeněk\AppData\Roaming\DMCache
2018-10-31 23:47:40 ----D---- C:\Windows
2018-10-31 23:34:39 ----D---- C:\WINDOWS\System32
2018-10-31 23:34:39 ----D---- C:\WINDOWS\INF
2018-10-31 23:34:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-31 23:28:03 ----D---- C:\ProgramData\NVIDIA
2018-10-31 23:27:49 ----D---- C:\WINDOWS\system32\drivers
2018-10-31 23:27:49 ----D---- C:\WINDOWS\system32\catroot2
2018-10-31 23:27:47 ----D---- C:\WINDOWS\Temp
2018-10-31 23:27:47 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-31 23:27:46 ----D---- C:\WINDOWS\system32\sru
2018-10-31 23:22:49 ----D---- C:\WINDOWS\system32\Tasks
2018-10-31 23:21:06 ----AD---- C:\Program Files (x86)\TeamViewer
2018-10-31 23:18:36 ----AD---- C:\ProgramData\Temp
2018-10-31 23:17:32 ----HD---- C:\ProgramData
2018-10-31 23:17:30 ----RD---- C:\Program Files (x86)
2018-10-31 23:14:21 ----D---- C:\WINDOWS\SysWOW64
2018-10-31 23:14:07 ----D---- C:\WINDOWS\Tasks
2018-10-31 23:13:52 ----HD---- C:\WINDOWS\system32\GroupPolicy
2018-10-31 23:00:51 ----D---- C:\WINDOWS\system32\SleepStudy
2018-10-31 22:26:55 ----D---- C:\ProgramData\Malwarebytes
2018-10-31 22:24:49 ----D---- C:\WINDOWS\AppReadiness
2018-10-31 22:24:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-31 22:24:42 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-10-31 21:43:30 ----D---- C:\WINDOWS\system32\LogFiles
2018-10-31 21:43:30 ----D---- C:\WINDOWS\Logs
2018-10-31 21:43:17 ----RD---- C:\WINDOWS\Microsoft.NET
2018-10-31 21:15:17 ----HD---- C:\Program Files\WindowsApps
2018-10-21 19:11:21 ----D---- C:\WINDOWS\system32\config
2018-10-21 17:52:23 ----D---- C:\WINDOWS\WinSxS
2018-10-21 17:41:31 ----D---- C:\WINDOWS\system32\DriverStore
2018-10-18 17:35:47 ----SHDC---- C:\WINDOWS\Installer
2018-10-18 17:35:47 ----SHD---- C:\Config.Msi
2018-10-18 17:35:47 ----D---- C:\Program Files (x86)\Java
2018-10-18 17:35:46 ----D---- C:\Program Files (x86)\Common Files
2018-10-18 17:35:06 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2018-10-16 18:01:12 ----D---- C:\WINDOWS\system32\CatRoot
2018-10-16 17:04:05 ----D---- C:\WINDOWS\CbsTemp
2018-10-16 16:53:19 ----D---- C:\ProgramData\Packages
2018-10-11 20:08:02 ----RSD---- C:\WINDOWS\assembly
2018-10-11 18:45:03 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-10-11 18:45:03 ----D---- C:\WINDOWS\system32\Macromed
2018-10-10 20:02:56 ----D---- C:\WINDOWS\TextInput
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-10-10 20:02:56 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\zu-ZA
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\yo-NG
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\xh-ZA
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\wo-SN
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\wbem
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\tn-ZA
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\ti-ET
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\ShellExperiences
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\rw-RW
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\nso-ZA
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\migration
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\ig-NG
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\en-US
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\cs-CZ
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\Boot
2018-10-10 20:02:55 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-10-10 20:02:54 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-10-10 20:02:54 ----RD---- C:\Program Files\Windows Defender
2018-10-10 20:02:54 ----D---- C:\WINDOWS\bcastdvr
2018-10-10 20:02:54 ----D---- C:\WINDOWS\apppatch
2018-10-10 20:02:54 ----D---- C:\Program Files\Windows Media Player
2018-10-10 20:02:54 ----D---- C:\Program Files\internet explorer
2018-10-10 20:02:54 ----D---- C:\Program Files (x86)\Windows Media Player
2018-10-10 20:02:54 ----D---- C:\Program Files (x86)\Windows Defender
2018-10-10 20:02:54 ----D---- C:\Program Files (x86)\Internet Explorer
2018-10-10 18:48:29 ----D---- C:\WINDOWS\system32\MRT
2018-10-10 18:46:52 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-10-10 18:46:03 ----D---- C:\ProgramData\Microsoft Help
2018-10-10 18:44:05 ----A---- C:\WINDOWS\win.ini
2018-10-06 12:05:23 ----AD---- C:\Program Files\PeerBlock
2018-10-06 12:04:15 ----D---- C:\WINDOWS\system32\NDF
2018-10-02 21:13:10 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-04-29 35016]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 19152]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [2016-04-06 270904]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 IDMWFP;IDMWFP; C:\WINDOWS\system32\DRIVERS\idmwfp.sys [2017-08-05 225568]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R2 npf;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [2017-10-08 36600]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2018-04-12 4233728]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2018-04-12 198144]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-04-12 106496]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2018-04-12 48640]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 busenum;@oem5.inf,%busenum.SVCDESC%;Synology Virtual USB Hub; C:\WINDOWS\System32\drivers\busenum.sys [2012-08-03 57824]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 dtlitescsibus;@oem17.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-10 30264]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-12-19 7969760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-06-03 3986392]
R3 iwdbus;@oem22.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-06-26 39480]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2018-10-31 260384]
R3 MEIx64;@oem26.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-29 184096]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Ovladač přenosů Avrcp protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [2018-04-12 46592]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [2017-05-18 14456920]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-10-11 50624]
R3 nvvhci;@oem23.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-10-11 57976]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-04-12 604160]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2016-04-12 154680]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2016-05-16 44640]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-09-08 1096704]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 ew_usbccgpfilter;@oem38.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2018-08-23 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-09-20 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-06-26 50232]
S3 IntcDAud;@oem56.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 LMDriver;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-07-18 21360]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 mvusbews;@oem53.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-11-08 19968]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30328]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys [2013-09-30 12504]
S3 RadioShim;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-07-18 14680]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RSUSBVSTOR;@oem25.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-13 83984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2016-04-12 417304]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2015-07-23 2858336]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_47576;Uživatelská služba platformy připojených zařízení_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DSAService;Intel(R) Driver and Support Assistant; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [2017-05-18 21240]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2012-11-08 126856]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2018-08-23 190784]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-12-19 373720]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-06 223008]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-06 415520]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-09-19 6347056]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2016-09-14 805752]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518264]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460920]
R2 OneSyncSvc_47576;Hostitel synchronizace_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 PnkBstrA;PunkBuster; D:\Instalace her\Airbone\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-16 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_47576;Data kontaktů_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2016-04-12 437784]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 MicroV2Service;MicroV2Service; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-11 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_47576;Uživatelská služba pro GameDVR a vysílání her_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_47576;Služba pro podporu uživatelů Bluetooth_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BstHdPlusAndroidSvc;BlueStacks Plus Android Service; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [2016-04-12 433688]
S3 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2016-04-12 921112]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-12-19 301528]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_47576;DevicePicker_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_47576;Tok zařízení_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [2017-03-07 824592]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-10 154440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-10 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_47576;Služba zasílání zpráv_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE /auditservice []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-10-27 216528]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518264]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 187072]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_47576;PrintWorkflow_47576; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]

-----------------EOF-----------------
Attachments
Bez názvu.png1.png (162.48 KiB) Viewed 1964 times

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: pop-up windows

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Zdenislav
Visitor
Posts: 40
Joined: 22 Apr 2006 14:24

Re: pop-up windows

#3 Post by Zdenislav »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-31.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-01-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1401 octets] - [20/07/2018 08:40:50]
AdwCleaner[C00].txt - [1509 octets] - [20/07/2018 08:41:19]
AdwCleaner[S01].txt - [1772 octets] - [31/10/2018 23:22:13]
AdwCleaner[C01].txt - [1864 octets] - [31/10/2018 23:22:20]
AdwCleaner[S02].txt - [1492 octets] - [31/10/2018 23:30:06]
AdwCleaner[S03].txt - [1555 octets] - [01/11/2018 19:44:07]
AdwCleaner[S04].txt - [1616 octets] - [01/11/2018 19:45:26]
AdwCleaner[C04].txt - [1802 octets] - [01/11/2018 19:45:34]
AdwCleaner[S05].txt - [1738 octets] - [01/11/2018 19:47:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: pop-up windows

#4 Post by Conder »

:arrow: Please post both FRST logs (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Zdenislav
Visitor
Posts: 40
Registered: 22 Apr 2006 14:24

Re: pop-up windows

#5 Post by Zdenislav »

files
Attachments
Addition.rar
(16.87 KiB) Downloaded 72 times

Zdenislav
Visitor
Posts: 40
Registered: 22 Apr 2006 14:24

Re: pop-up windows

#6 Post by Zdenislav »

2nd file
Attachments
FRST.rar
(12.67 KiB) Downloaded 73 times

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: pop-up windows

#7 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-B4ADED13-2FD4-4CC3-9FAB-96B990F5AAA0\setuplauncher.exe
    File: C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
    File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
    File: C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
    Folder: C:\WINDOWS\SysWOW64\qfuywrai
    Folder: C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c
    Folder: C:\Program Files\Intel\SUR
    CMD: type "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
    
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
    HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
    HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
    HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
    FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{32082DD9-C536-43AA-AF48-D266049C6FDA}.xpi [2018-10-31] [not signed]
    CHR HomePage: Default -> hxxp://www.centrum.cz/
    CHR StartupUrls: Default -> "hxxp://www.centrum.cz/"
    CHR NewTab: Default ->  Active:"chrome-extension://ofmacdiceehcibkfednmgpkhgfhpacgi/newtab.html", Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
    S3 Microsoft SharePoint Workspace Audit Service; "C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice [X]
    S2 MicroV2Service; C:\Users\Zdeněk\AppData\Local\William\William.dll [X]
    S2 vsservp; "C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe" [X]
    2018-10-31 23:14 - 2018-10-31 23:18 - 000000000 ____D C:\WINDOWS\SysWOW64\qfuywrai
    2018-10-31 23:13 - 2018-10-31 23:18 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c
    2018-11-01 20:17 - 2018-07-10 05:13 - 000000736 _____ C:\DelFix.txt
    Task: {2E3BA783-7176-4A58-9CC6-7B53A623CAD5} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
    AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [153]
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop with the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Zdenislav
Visitor
Posts: 40
Registered: 22 Apr 2006 14:24

Re: pop-up windows

#8 Post by Zdenislav »

Error: (0) Failed to create a restore point.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 200
Average :
Sum : 17918948
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-B4ADED13-2FD4-4CC3-9FAB-96B990F5AAA0\setuplauncher.exe ========================

"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-22-B4ADED13-2FD4-4CC3-9FAB-96B990F5AAA0\setuplauncher.exe" => not found
====== End of File: ======


========================= File: C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe ========================

C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
File is digitally signed
MD5: A7E5EFF955B119D187E51EA6190E842B
Creation and modification date: 2017-06-01 17:26 - 2017-03-07 18:15
Size: 000824592
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product: Intel(R) System Usage Report
Description: Intel(R) System Usage Report
File Version:
Product Version:
Copyright: Copyright (C) 2017 Intel Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/c57cc52 ... 537837026/

====== End of File: ======


========================= File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe ========================

C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File not signed
MD5: 9CEE2BBB060DC4B7062BE4461774A7A0
Creation and modification date: 2018-08-23 13:42 - 2018-08-23 13:42
Size: 000190784
Attributes: ----A
Company Name:
Internal Name: DCSHOST
Original Name: HuaweiHiSuiteService.EXE
Product: HuaweiHiSuiteService
Description: HuaweiHiSuiteService
File Version: 2, 0, 0, 42
Product Version: 2, 0, 0, 42
Copyright: Copyright (C) 2008
VirusTotal: https://www.virustotal.com/file/bbe3aee ... 540540578/

====== End of File: ======


========================= File: C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe ========================

C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
File not signed
MD5: 635686E528F2C9CB916EC1BB04EE6AD1
Creation and modification date: 2015-05-11 08:12 - 2015-05-11 08:12
Size: 000248736
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/080a0f2 ... 539112759/

====== End of File: ======


========================= Folder: C:\WINDOWS\SysWOW64\qfuywrai ========================


====== End of Folder: ======


========================= Folder: C:\Users\Zden�k\AppData\Roaming\juvy05izx2c ========================

not found.

====== End of Folder: ======


========================= Folder: C:\Program Files\Intel\SUR ========================

2017-06-01 17:26 - 2017-06-01 17:30 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\Intel\SUR\QUEENCREEK
2017-06-01 17:26 - 2017-03-07 18:10 - 000248080 ____A [D86964DDE93189126605014EA5735A47] () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll
2017-06-01 17:26 - 2017-03-07 18:10 - 000175376 ____A [F5FA243BAD2E91799DE0F6AF98E77C97] () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll
2017-06-01 17:26 - 2017-03-07 18:13 - 000747792 ____A [5895C7F488A5B2156F34D38DC49A8745] () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
2017-06-01 17:26 - 2017-03-07 18:16 - 000443152 ____A [3AAD17E443556041066FE64A7C73E627] () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_lib.dll
2017-06-01 17:26 - 2017-03-07 18:16 - 000411408 ____A [4CBD248353B490B7B186B9D5CE9F983C] () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_lib_daq.dll
2017-06-01 17:26 - 2017-03-07 18:15 - 000824592 ____A [A7E5EFF955B119D187E51EA6190E842B] () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
2017-06-01 17:26 - 2017-03-07 18:11 - 000193296 ____A [038FECD89B0188A676731B7A78DC4682] () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_thread_monitor.dll
2017-06-01 17:26 - 2017-03-07 18:11 - 000238864 ____A [8C4D99B7E60055A05EE985A5A2632054] () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll
2017-06-01 17:26 - 2017-03-07 18:11 - 000238864 ____A [5100CC6582BD90047CD87E625D1C8880] () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input_toe.dll
2017-06-01 17:26 - 2017-03-07 16:08 - 000082808 ____A [9F4296B14AE17C1CB2CD962614BC8685] () C:\Program Files\Intel\SUR\QUEENCREEK\installer.bat
2017-06-01 17:26 - 2017-03-07 18:05 - 000178448 ____A [45C63C386288DED8A13F1304D176854D] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_acdc_setting_input.dll
2017-06-01 17:26 - 2017-03-07 18:06 - 000446736 ____A [7ABE99D4687D9F7C1B16ACCAFAF3C2C6] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_dptf_input.dll
2017-06-01 17:26 - 2017-03-07 18:18 - 001981712 ____A [5928DB97E290BBE510FD172D3B35B33A] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
2017-06-01 17:26 - 2017-03-07 18:08 - 000337680 ____A [6D784A3D734F45B42D13F6A4297B6877] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll
2017-06-01 17:26 - 2017-03-07 18:08 - 000331024 ____A [9E68E54D324BD3009BF6C128AD8440E9] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process2_input.dll
2017-06-01 17:26 - 2017-03-07 18:06 - 000229648 ____A [85C63F17DB192F77D48CACC405B38537] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll
2017-06-01 17:26 - 2017-03-07 18:07 - 000238864 ____A [6DB9057A536C6303021C97AE41B408BE] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input_toe.dll
2017-06-01 17:26 - 2017-03-07 18:07 - 000225040 ____A [E5303785A02FF772B1C4F80882BFE08A] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll
2017-06-01 17:26 - 2017-03-07 18:05 - 000212752 ____A [C5FA6BC0D1BB4921A91EE25D065B1311] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll
2017-06-01 17:26 - 2017-03-07 18:09 - 000204048 ____A [238778F3FA442903FBB667A147BD8B08] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll
2017-06-01 17:26 - 2017-03-07 18:07 - 000220432 ____A [DE370F0CD6F1824ED6F4F1EF750150DA] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll
2017-06-01 17:26 - 2017-03-07 18:08 - 000218384 ____A [F8F72F6D1422D03B9D55D198C2425488] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll
2017-06-01 17:26 - 2017-03-07 18:05 - 000148240 ____A [D58484971662E49550FA6DFF7081BEF8] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll
2017-06-01 17:26 - 2017-03-07 18:09 - 000201488 ____A [4E83868EC7088AABB58D27278A856059] () C:\Program Files\Intel\SUR\QUEENCREEK\intel_xxd_input.dll
2017-06-01 17:26 - 2016-10-18 16:09 - 001202928 ____A [B511B9BF79164DDE6E1902065CFD163A] (Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\intel-ias2.dll
2017-06-01 17:26 - 2017-06-01 17:27 - 000001512 ____A [9EBDF5711443D4208377486878686E61] () C:\Program Files\Intel\SUR\QUEENCREEK\log_install.txt
2017-06-01 17:27 - 2017-06-01 17:27 - 000000506 ____A [E6BD09A652163EB458BC562935FB2B58] () C:\Program Files\Intel\SUR\QUEENCREEK\log_start.txt
2017-06-01 17:30 - 2017-06-01 17:30 - 000000508 ____A [B99BD5C88CDA61F0AE92E664F199DB74] () C:\Program Files\Intel\SUR\QUEENCREEK\log_stop.txt
2017-06-01 17:26 - 2017-06-01 17:27 - 000000415 ____A [54C10FAD846D3CDEB2C2F50740A64DDD] () C:\Program Files\Intel\SUR\QUEENCREEK\log_SurSvc.txt
2017-06-01 17:26 - 2016-10-18 16:18 - 000000275 ____A [B404B273EC3F93F743DE0BAC91D22B86] () C:\Program Files\Intel\SUR\QUEENCREEK\os_counters.txt
2017-06-01 17:26 - 2017-03-07 18:12 - 000098064 ____A [7D8669CB238CC1A29A4566C5B81AA91F] () C:\Program Files\Intel\SUR\QUEENCREEK\pl_agent_lib.dll
2017-06-01 17:30 - 2017-06-01 17:30 - 000011170 ____A [7133D695DDC453910AFDB5BCC1A4DE72] () C:\Program Files\Intel\SUR\QUEENCREEK\policy.json
2017-06-01 17:26 - 2016-10-18 16:15 - 000000260 ____A [6EFB667C2F71BF848AE641FDB10A6621] () C:\Program Files\Intel\SUR\QUEENCREEK\process_input_options.txt
2017-06-01 17:26 - 2017-03-07 18:12 - 000044304 ____A [0BF7443E025BBDD7A8FBA722E5AE4096] () C:\Program Files\Intel\SUR\QUEENCREEK\productivity_link.dll
2017-06-01 17:26 - 2017-03-07 18:11 - 000059152 ____A [9AD4315402050E5EB64829D617DDC219] () C:\Program Files\Intel\SUR\QUEENCREEK\productivity_link_helper.dll
2017-06-01 17:26 - 2017-03-14 17:49 - 000174352 ____A [4D678B6207EAF4C931A236D8C2C55357] () C:\Program Files\Intel\SUR\QUEENCREEK\rmdtntkl.exe
2017-06-01 17:26 - 2017-03-07 18:10 - 000213776 ____A [343F1EF45D81FB3EAED8F70007877FB5] () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll
2017-06-01 17:26 - 2016-10-18 16:14 - 000021984 ____A [07F83829E7429E60298440CD1E601A6A] () C:\Program Files\Intel\SUR\QUEENCREEK\semav6msr64.sys
2017-06-01 17:26 - 2016-10-18 16:12 - 001427968 ____A [7452CFAD7EB6FB19ABFE7F0AB5343006] (Robert Simpson, et al.) C:\Program Files\Intel\SUR\QUEENCREEK\SQLite.Interop.dll
2017-06-01 17:27 - 2017-06-01 17:27 - 000000051 ____A [5FD0323C1CFB4DD4F1333B34A25CAC06] () C:\Program Files\Intel\SUR\QUEENCREEK\task.bat
2017-06-01 17:26 - 2017-03-07 18:12 - 000165648 ____A [91BA158F1914B2EB7FF578161554F52A] () C:\Program Files\Intel\SUR\QUEENCREEK\task.exe
2017-06-01 17:27 - 2017-06-01 17:27 - 000000175 ____A [557969B6022E82535297BE3F9EEECF87] () C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs
2017-06-01 17:27 - 2017-06-01 17:27 - 000001650 ____A [C22FCDF247DE39DC60456BF0CA3FAA7C] () C:\Program Files\Intel\SUR\QUEENCREEK\task.xml
2017-06-01 17:26 - 2017-03-07 18:09 - 000213776 ____A [590AB447A8A7A4D84D5A0D88CF3894C1] () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll

====== End of Folder: ======


========= type "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs" =========

Set objShell = CreateObject("WScript.Shell")
objShell.Run("C:\WINDOWS\system32\cmd.exe /c ""C:\Program Files\Intel\SUR\QUEENCREEK\task.bat"""), 0
Set objShell = Nothing

========= End of CMD: =========

HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
C:\Program Files (x86)\Mozilla Firefox\browser\features\{32082DD9-C536-43AA-AF48-D266049C6FDA}.xpi => moved successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
HKLM\System\CurrentControlSet\Services\Microsoft SharePoint Workspace Audit Service => removed successfully
Microsoft SharePoint Workspace Audit Service => service removed successfully
HKLM\System\CurrentControlSet\Services\MicroV2Service => removed successfully
MicroV2Service => service removed successfully
HKLM\System\CurrentControlSet\Services\vsservp => removed successfully
vsservp => service removed successfully
C:\WINDOWS\SysWOW64\qfuywrai => moved successfully
"C:\Users\Zden�k\AppData\Roaming\juvy05izx2c" => not found
C:\DelFix.txt => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E3BA783-7176-4A58-9CC6-7B53A623CAD5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E3BA783-7176-4A58-9CC6-7B53A623CAD5}" => removed successfully
C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => removed successfully
C:\ProgramData\Temp => ":1CE11B51" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 169596619 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 17073604 B
Edge => 2359225 B
Chrome => 671871519 B
Firefox => 1081632317 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 62240 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Zdeněk => 77202942 B
Administrator.acer => 0 B

RecycleBin => 6313 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 05:19:37 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: pop-up windows

#9 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    Folder: C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c
    2018-10-31 23:13 - 2018-10-31 23:18 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c
    Hosts:
    EmptyTemp:
    End
  • Click File and then Save
  • At the bottom right, select the Unicode encoding
  • Save the file to the desktop with the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Zdenislav
Visitor
Posts: 40
Registered: 22 Apr 2006 14:24

Re: pop-up windows

#10 Post by Zdenislav »

Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Zdeněk (03-11-2018 21:26:08) Run:3
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Folder: C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c
2018-10-31 23:13 - 2018-10-31 23:18 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.

========================= Folder: C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c ========================

not found.

====== End of Folder: ======

"C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8610669 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 13672278 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 904 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Zdeněk => 117956 B
Administrator.acer => 0 B

RecycleBin => 1213 B
EmptyTemp: => 29.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:27:04 ====
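The first Fixlog above reports the `juvy05izx2c` folder as "not found" under a path in which `Zdeněk` appears as `Zden�k`, and the re-run uses a fixlist saved as Unicode. The following is an added example, not part of the thread or of FRST: it triages Fixlog outcome lines and separates a "not found" whose path was damaged from one whose path was read intact. The function names are hypothetical, and the cause it reproduces (a fixlist saved in Windows-1250 and decoded as UTF-8) is an assumption.

```python
REPLACEMENT = "\ufffd"  # what a decoder emits for bytes it cannot decode

INCONCLUSIVE = "inconclusive: path was misread, re-save the fixlist as Unicode and re-run"
ABSENT = "confirmed absent: path was read intact and nothing was there"

# Outcome lines copied from the two Fixlogs in this thread:
# the first three are from the first run, the last three from the re-run.
SAMPLE_FIXLOG = r'''
HKLM\SOFTWARE\Policies\Google => removed successfully
C:\WINDOWS\SysWOW64\qfuywrai => moved successfully
"C:\Users\Zden�k\AppData\Roaming\juvy05izx2c" => not found
"C:\Users\Zdeněk\AppData\Roaming\juvy05izx2c" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Chrome => 13672278 B
'''


def reproduce_damage(name, saved_as="cp1250"):
    """Show how a non-ASCII name degrades when single-byte text is read as UTF-8.

    Assumption: the file was written in an ANSI code page (Windows-1250 on a
    Czech system) and decoded as UTF-8 by the reader.
    """
    return name.encode(saved_as).decode("utf-8", errors="replace")


def parse_outcomes(log_text):
    """Turn '<target> => <result>' lines into dicts; other lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        target, sep, result = line.strip().partition(" => ")
        if not sep:
            continue
        if result == "not found":
            status = "not_found"
        elif result.endswith("successfully"):
            status = "ok"
        else:
            status = "other"  # e.g. the byte counts in the EmptyTemp section
        entries.append({
            "target": target.strip('"'),
            "status": status,
            "damaged": REPLACEMENT in target,
        })
    return entries


def review(entries):
    """Return (target, verdict) for every 'not found' entry."""
    verdicts = []
    for entry in entries:
        if entry["status"] != "not_found":
            continue
        verdict = INCONCLUSIVE if entry["damaged"] else ABSENT
        verdicts.append((entry["target"], verdict))
    return verdicts


if __name__ == "__main__":
    print(reproduce_damage("Zdeněk"))
    for target, verdict in review(parse_outcomes(SAMPLE_FIXLOG)):
        print(f"{target}\n    {verdict}")
```
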

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: pop-up windows

#11 Post by Conder »

:arrow: How does the PC look? Has anything changed, or are there still any problems?

Zdenislav
Visitor
Posts: 40
Registered: 22 Apr 2006 14:24

Re: pop-up windows

#12 Post by Zdenislav »

The PC is OK now, nothing pops up anymore, thanks a lot for the help, you're good. :thumbsup: :) :)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: pop-up windows

#13 Post by Conder »

:arrow: So let's also clean up after the tools we used: