Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomalý start, pomalé vypínání (restart) Win 10

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Mitn
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 pro 2005 11:42

Pomalý start, pomalé vypínání (restart) Win 10

#1 Příspěvek od Mitn »

Dobrý den,
poslední týden sleduji velké zpomalení ve vypínání a startování win 10. Při startování win 10 naběhne a dlouho setrvává v modré obrazovce s kroužkem uprostřed. Při restartování se win 10 normálně vypíná, pak černá obrazovka a dlouho trvá než se přístroj normálně vypne anebo restartuje. Posílám log. Děkuji za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2016-05-19 06:47:03
Microsoft Windows 10 Pro
System drive C: has 533 GB (75%) free of 715 GB
Total RAM: 8067 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:47:07, on 19.05.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
C:\Users\Michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SafeInCloud] "C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe" /auto-start
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://downloads.dell.com/systemprofiler/SysProExe.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @oem22.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12492 bytes

======Listing Processes======







winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\SysWow64\IntelCpHeciSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe"
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe 2053900168656
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\system32\BtwRSupportService.exe
"C:\Program Files\Conexant\SA3\CxUtilSvc.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\valWBFPolicyService.exe
dashost.exe {625cf2b6-2b45-4e0a-ab9698427dc280ac}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9b09a41e-c85e-426f-8f65-4e3194c1faac -SystemEventPortName:HostProcess-3ee79b98-3c90-4a29-a8f5-70e03883c7e7 -IoCancelEventPortName:HostProcess-cc38e3fc-69c8-496b-af20-36c9b0bd9703 -NonStateChangingEventPortName:HostProcess-0797bdfc-a86a-4cd9-ae53-c04014d9b243 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7ff793e9-a105-47ff-a4ee-27b54b0981e6 -DeviceGroupId:
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"

"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\Elantech\ETDGesture_DELL.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Dell\QuickSet\quickset.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE"
"C:\Program Files\Conexant\SA3\SmartAudio3.exe" /sa3 /nv:3.0+ /dne /s
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe" /auto-start
"C:\Users\Michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"fontdrvhost.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=50.0.2661.102 --handshake-handle=0x174
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2976.0.878292521\20564122" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,10,12,24,53 --gpu-vendor-id=0x1002 --gpu-device-id=0x6840 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1101.0 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.2.156600246\979328138" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.3.1679846218\993451415" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.4.649108480\136476103" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.5.334871419\523916863" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.6.666099276\326401667" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.7.1138034875\1528275351" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.8.1962335992\1544845492" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.11.1292868973\925346539" /prefetch:1
"C:\Windows\system32\wwahost.exe" -ServerName:App.wwa
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/BrotliEncoding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/NewSuggestType_A10_Stable_R2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50pct_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_74/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="2976.14.1053194387\1768358745" /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 620 624 632 8192 628
"C:\Users\Michal\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\7zc2kvkh.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-05-01 236232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-01 2176816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-05-01 170696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-01 1522480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-07-07 3348200]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2013-08-22 5773640]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2016-02-22 7520768]
"SmartAudio"=C:\Program Files\CONEXANT\SA3\SACpl.exe [2012-06-13 1647616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-04-25 23484296]
"SafeInCloud"=C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [2016-04-06 2191872]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-10-21 563416]
"OneDrive"=C:\Users\Michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-17 554176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-06 767176]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-07-25 468112]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2012-03-06 577024]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-05-19 06:47:03 ----D---- C:\rsit
2016-05-19 06:24:46 ----HD---- C:\OneDriveTemp
2016-05-19 06:24:42 ----D---- C:\AdwCleaner
2016-05-18 15:26:14 ----D---- C:\Windows\LastGood.Tmp
2016-05-18 03:58:14 ----D---- C:\Program Files\Common Files\DESIGNER
2016-05-16 19:45:41 ----D---- C:\Program Files\Microsoft Office 15
2016-05-11 21:15:56 ----A---- C:\Windows\SYSWOW64\MosStorage.dll
2016-05-11 21:15:56 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2016-05-11 21:15:56 ----A---- C:\Windows\SYSWOW64\MapsBtSvc.dll
2016-05-11 21:15:56 ----A---- C:\Windows\SYSWOW64\MapConfiguration.dll
2016-05-11 21:15:56 ----A---- C:\Windows\SYSWOW64\JpMapControl.dll
2016-05-11 21:15:56 ----A---- C:\Windows\SYSWOW64\BingMaps.dll
2016-05-11 21:15:56 ----A---- C:\Windows\system32\MFMediaEngine.dll
2016-05-11 21:15:56 ----A---- C:\Windows\system32\MapsStore.dll
2016-05-11 21:15:56 ----A---- C:\Windows\system32\MapConfiguration.dll
2016-05-11 21:15:56 ----A---- C:\Windows\system32\JpMapControl.dll
2016-05-11 21:15:55 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2016-05-11 21:15:55 ----A---- C:\Windows\system32\BingMaps.dll
2016-05-11 21:15:51 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2016-05-11 21:15:50 ----A---- C:\Windows\system32\mshtml.dll
2016-05-11 21:15:49 ----A---- C:\Windows\SYSWOW64\NMAA.dll
2016-05-11 21:15:49 ----A---- C:\Windows\SYSWOW64\mos.dll
2016-05-11 21:15:49 ----A---- C:\Windows\SYSWOW64\MapControlCore.dll
2016-05-11 21:15:48 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-05-11 21:15:48 ----A---- C:\Windows\system32\NMAA.dll
2016-05-11 21:15:48 ----A---- C:\Windows\system32\mos.dll
2016-05-11 21:15:48 ----A---- C:\Windows\system32\MapControlCore.dll
2016-05-11 21:15:48 ----A---- C:\Windows\system32\kerberos.dll
2016-05-11 21:15:48 ----A---- C:\Windows\system32\edgehtml.dll
2016-05-11 21:15:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-05-11 21:15:45 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-05-11 21:15:42 ----A---- C:\Windows\system32\shell32.dll
2016-05-11 21:15:42 ----A---- C:\Windows\system32\modernexecserver.dll
2016-05-11 21:15:41 ----A---- C:\Windows\system32\twinui.dll
2016-05-11 21:15:41 ----A---- C:\Windows\system32\CredProvDataModel.dll
2016-05-11 21:15:40 ----A---- C:\Windows\system32\windows.storage.dll
2016-05-11 21:15:39 ----A---- C:\Windows\SYSWOW64\twinui.dll
2016-05-11 21:15:39 ----A---- C:\Windows\SYSWOW64\CredProvDataModel.dll
2016-05-11 21:15:39 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-11 21:15:39 ----A---- C:\Windows\system32\ieframe.dll
2016-05-11 21:15:38 ----A---- C:\Windows\system32\Chakra.dll
2016-05-11 21:15:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-05-11 21:15:35 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2016-05-11 21:15:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-05-11 21:15:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-05-11 21:15:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-05-11 21:15:34 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2016-05-11 21:15:34 ----A---- C:\Windows\system32\ntdll.dll
2016-05-11 21:15:33 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2016-05-11 21:15:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-11 21:15:31 ----A---- C:\Windows\system32\jscript9.dll
2016-05-11 21:15:31 ----A---- C:\Windows\system32\generaltel.dll
2016-05-11 21:15:31 ----A---- C:\Windows\system32\DeviceCensus.exe
2016-05-11 21:15:31 ----A---- C:\Windows\system32\d2d1.dll
2016-05-11 21:15:31 ----A---- C:\Windows\system32\appraiser.dll
2016-05-11 21:15:31 ----A---- C:\Windows\explorer.exe
2016-05-11 21:15:30 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2016-05-11 21:15:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-05-11 21:15:30 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-05-11 21:15:30 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-05-11 21:15:30 ----A---- C:\Windows\system32\twinui.appcore.dll
2016-05-11 21:15:29 ----A---- C:\Windows\system32\wuaueng.dll
2016-05-11 21:15:29 ----A---- C:\Windows\system32\wcmsvc.dll
2016-05-11 21:15:29 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-11 21:15:28 ----A---- C:\Windows\system32\win32kfull.sys
2016-05-11 21:15:28 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2016-05-11 21:15:27 ----A---- C:\Windows\system32\MosStorage.dll
2016-05-11 21:15:27 ----A---- C:\Windows\system32\moshost.dll
2016-05-11 21:15:27 ----A---- C:\Windows\system32\mapsupdatetask.dll
2016-05-11 21:15:27 ----A---- C:\Windows\system32\MapsCSP.dll
2016-05-11 21:15:27 ----A---- C:\Windows\system32\MapsBtSvc.dll
2016-05-11 21:15:27 ----A---- C:\Windows\system32\dwmcore.dll
2016-05-11 21:15:26 ----A---- C:\Windows\system32\moshostcore.dll
2016-05-11 21:15:26 ----A---- C:\Windows\system32\iertutil.dll
2016-05-11 21:15:25 ----A---- C:\Windows\system32\SettingSyncCore.dll
2016-05-11 21:15:25 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-05-11 21:15:25 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2016-05-11 21:15:25 ----A---- C:\Windows\system32\aeinv.dll
2016-05-11 21:15:24 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2016-05-11 21:15:24 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll
2016-05-11 21:15:24 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-05-11 21:15:24 ----A---- C:\Windows\system32\wifinetworkmanager.dll
2016-05-11 21:15:24 ----A---- C:\Windows\system32\TokenBroker.dll
2016-05-11 21:15:24 ----A---- C:\Windows\system32\NetworkMobileSettings.dll
2016-05-11 21:15:24 ----A---- C:\Windows\system32\KernelBase.dll
2016-05-11 21:15:24 ----A---- C:\Windows\system32\dxgi.dll
2016-05-11 21:15:23 ----A---- C:\Windows\system32\Windows.UI.dll
2016-05-11 21:15:23 ----A---- C:\Windows\system32\urlmon.dll
2016-05-11 21:15:23 ----A---- C:\Windows\system32\mfplat.dll
2016-05-11 21:15:23 ----A---- C:\Windows\system32\devinv.dll
2016-05-11 21:15:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-05-11 21:15:22 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-05-11 21:15:22 ----A---- C:\Windows\SYSWOW64\LogonController.dll
2016-05-11 21:15:22 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-05-11 21:15:22 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2016-05-11 21:15:22 ----A---- C:\Windows\system32\winlogon.exe
2016-05-11 21:15:22 ----A---- C:\Windows\system32\MPSSVC.dll
2016-05-11 21:15:22 ----A---- C:\Windows\system32\MFCaptureEngine.dll
2016-05-11 21:15:22 ----A---- C:\Windows\system32\LogonController.dll
2016-05-11 21:15:22 ----A---- C:\Windows\system32\AzureSettingSyncProvider.dll
2016-05-11 21:15:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-05-11 21:15:21 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2016-05-11 21:15:21 ----A---- C:\Windows\SYSWOW64\MFCaptureEngine.dll
2016-05-11 21:15:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\wwansvc.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\Windows.UI.Shell.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\win32kbase.sys
2016-05-11 21:15:21 ----A---- C:\Windows\system32\vbscript.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\SettingSync.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\RDXService.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\NetSetupShim.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\LockAppHost.exe
2016-05-11 21:15:21 ----A---- C:\Windows\system32\jscript.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\invagent.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\ieproxy.dll
2016-05-11 21:15:21 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2016-05-11 21:15:21 ----A---- C:\Windows\system32\CoreMessaging.dll
2016-05-11 21:15:20 ----A---- C:\Windows\SYSWOW64\NetSetupShim.dll
2016-05-11 21:15:20 ----A---- C:\Windows\SYSWOW64\LockAppHost.exe
2016-05-11 21:15:20 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-05-11 21:15:20 ----A---- C:\Windows\system32\wuapi.dll
2016-05-11 21:15:20 ----A---- C:\Windows\system32\wifitask.exe
2016-05-11 21:15:20 ----A---- C:\Windows\system32\RDXTaskFactory.dll
2016-05-11 21:15:20 ----A---- C:\Windows\system32\drivers\bthport.sys
2016-05-11 21:15:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-05-11 21:15:19 ----A---- C:\Windows\system32\user32.dll
2016-05-11 21:15:19 ----A---- C:\Windows\system32\tileobjserver.dll
2016-05-11 21:15:19 ----A---- C:\Windows\system32\SHCore.dll
2016-05-11 21:15:19 ----A---- C:\Windows\system32\gdi32.dll
2016-05-11 21:15:19 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2016-05-11 21:15:19 ----A---- C:\Windows\system32\crypt32.dll
2016-05-11 21:15:18 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-11 21:15:18 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2016-05-11 21:15:18 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2016-05-11 21:15:18 ----A---- C:\Windows\SYSWOW64\ieproxy.dll
2016-05-11 21:15:18 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-05-11 21:15:18 ----A---- C:\Windows\SYSWOW64\AppxAllUserStore.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\wcmcsp.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\schannel.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\provhandlers.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\provengine.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\DataSenseHandlers.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\AppxAllUserStore.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\aepic.dll
2016-05-11 21:15:18 ----A---- C:\Windows\system32\ActivationManager.dll
2016-05-11 21:15:17 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-11 21:15:17 ----A---- C:\Windows\SYSWOW64\AzureSettingSyncProvider.dll
2016-05-11 21:15:17 ----A---- C:\Windows\system32\SharedStartModel.dll
2016-05-11 21:15:17 ----A---- C:\Windows\system32\shacct.dll
2016-05-11 21:15:17 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-11 21:15:17 ----A---- C:\Windows\system32\drivers\sdport.sys
2016-05-11 21:15:17 ----A---- C:\Windows\system32\drivers\pci.sys
2016-05-11 21:15:17 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-11 21:15:16 ----A---- C:\Windows\SYSWOW64\shacct.dll
2016-05-11 21:15:16 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-11 21:15:16 ----A---- C:\Windows\SYSWOW64\AppXDeploymentClient.dll
2016-05-11 21:15:16 ----A---- C:\Windows\system32\StorSvc.dll
2016-05-11 21:15:16 ----A---- C:\Windows\system32\samsrv.dll
2016-05-11 21:15:16 ----A---- C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-05-11 21:15:16 ----A---- C:\Windows\system32\NgcCtnr.dll
2016-05-11 21:15:16 ----A---- C:\Windows\system32\MDMAppInstaller.exe
2016-05-11 21:15:16 ----A---- C:\Windows\system32\actxprxy.dll
2016-05-11 21:15:15 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-05-11 21:15:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-11 21:15:15 ----A---- C:\Windows\system32\wlanapi.dll
2016-05-11 21:15:15 ----A---- C:\Windows\system32\wininit.exe
2016-05-11 21:15:15 ----A---- C:\Windows\system32\SubscriptionMgr.dll
2016-05-11 21:15:15 ----A---- C:\Windows\system32\ngcsvc.dll
2016-05-11 21:15:15 ----A---- C:\Windows\system32\MosHostClient.dll
2016-05-11 21:15:15 ----A---- C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 21:15:15 ----A---- C:\Windows\system32\directmanipulation.dll
2016-05-11 21:15:15 ----A---- C:\Windows\system32\acmigration.dll
2016-05-11 21:15:14 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2016-05-11 21:15:14 ----A---- C:\Windows\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 21:15:14 ----A---- C:\Windows\SYSWOW64\MosHostClient.dll
2016-05-11 21:15:14 ----A---- C:\Windows\SYSWOW64\directmanipulation.dll
2016-05-11 21:15:14 ----A---- C:\Windows\SYSWOW64\CoreMessaging.dll
2016-05-11 21:15:14 ----A---- C:\Windows\system32\SettingSyncHost.exe
2016-05-11 21:15:14 ----A---- C:\Windows\system32\PhoneProviders.dll
2016-05-11 21:15:14 ----A---- C:\Windows\system32\ngcpopkeysrv.dll
2016-05-11 21:15:14 ----A---- C:\Windows\system32\NgcCtnrSvc.dll
2016-05-11 21:15:14 ----A---- C:\Windows\system32\ngccredprov.dll
2016-05-11 21:15:14 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-05-11 21:15:14 ----A---- C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 21:15:13 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2016-05-11 21:15:13 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2016-05-11 21:15:13 ----A---- C:\Windows\SYSWOW64\cryptngc.dll
2016-05-11 21:15:13 ----A---- C:\Windows\system32\wups.dll
2016-05-11 21:15:13 ----A---- C:\Windows\system32\wpdbusenum.dll
2016-05-11 21:15:13 ----A---- C:\Windows\system32\VEDataLayerHelpers.dll
2016-05-11 21:15:13 ----A---- C:\Windows\system32\rsaenh.dll
2016-05-11 21:15:13 ----A---- C:\Windows\system32\ListSvc.dll
2016-05-11 21:15:13 ----A---- C:\Windows\system32\dwminit.dll
2016-05-11 21:15:13 ----A---- C:\Windows\system32\drivers\ufxsynopsys.sys
2016-05-11 21:15:13 ----A---- C:\Windows\system32\drivers\UcmCx.sys
2016-05-11 21:15:13 ----A---- C:\Windows\system32\drivers\hidclass.sys
2016-05-11 21:15:13 ----A---- C:\Windows\system32\drivers\fvevol.sys
2016-05-11 21:15:13 ----A---- C:\Windows\system32\drivers\fastfat.sys
2016-05-11 21:15:13 ----A---- C:\Windows\system32\BrowserSettingSync.dll
2016-05-11 21:15:12 ----A---- C:\Windows\system32\wuauclt.exe
2016-05-11 21:15:12 ----A---- C:\Windows\system32\NetSetupEngine.dll
2016-05-11 21:15:10 ----A---- C:\Windows\system32\provisioningcsp.dll
2016-05-11 21:15:10 ----A---- C:\Windows\system32\drivers\pdc.sys
2016-05-11 21:15:10 ----A---- C:\Windows\system32\drivers\filecrypt.sys
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\VEDataLayerHelpers.dll
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\updatepolicy.dll
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\NetSetupEngine.dll
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\NetSetupApi.dll
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\hmkd.dll
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\ByteCodeGenerator.exe
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\BrowserSettingSync.dll
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\BluetoothApis.dll
2016-05-11 21:15:09 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2016-05-11 21:15:09 ----A---- C:\Windows\system32\updatepolicy.dll
2016-05-11 21:15:09 ----A---- C:\Windows\system32\NetSetupApi.dll
2016-05-11 21:15:09 ----A---- C:\Windows\system32\hmkd.dll
2016-05-11 21:15:09 ----A---- C:\Windows\system32\drivers\usbser.sys
2016-05-11 21:15:09 ----A---- C:\Windows\system32\cryptngc.dll
2016-05-11 21:15:09 ----A---- C:\Windows\system32\BluetoothApis.dll
2016-05-11 21:15:09 ----A---- C:\Windows\system32\AppXDeploymentClient.dll
2016-05-11 21:15:08 ----A---- C:\Windows\SYSWOW64\wshbth.dll
2016-05-11 21:15:08 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2016-05-11 21:15:08 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2016-05-11 21:15:08 ----A---- C:\Windows\SYSWOW64\wfdprov.dll
2016-05-11 21:15:08 ----A---- C:\Windows\SYSWOW64\VEEventDispatcher.dll
2016-05-11 21:15:08 ----A---- C:\Windows\system32\wshbth.dll
2016-05-11 21:15:08 ----A---- C:\Windows\system32\wificonnapi.dll
2016-05-11 21:15:08 ----A---- C:\Windows\system32\VEStoreEventHandlers.dll
2016-05-11 21:15:08 ----A---- C:\Windows\system32\VEEventDispatcher.dll
2016-05-11 21:15:08 ----A---- C:\Windows\system32\NFCProvisioningPlugin.dll
2016-05-11 21:15:08 ----A---- C:\Windows\system32\NetSetupSvc.dll
2016-05-11 21:15:08 ----A---- C:\Windows\system32\Chakradiag.dll
2016-05-11 21:15:08 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2016-05-11 21:15:08 ----A---- C:\Windows\system32\drivers\bthenum.sys
2016-05-11 21:15:08 ----A---- C:\Windows\system32\ByteCodeGenerator.exe
2016-05-11 21:15:08 ----A---- C:\Windows\system32\bcastdvr.exe
2016-05-11 21:15:08 ----A---- C:\Windows\system32\AppCapture.dll
2016-05-07 15:53:11 ----D---- C:\ProgramData\HandSetService
2016-05-07 15:53:09 ----D---- C:\ProgramData\HiSuiteOuc
2016-05-07 15:52:49 ----D---- C:\Program Files (x86)\HiSuite
2016-05-07 15:30:46 ----A---- C:\Windows\system32\drivers\WUDFUpdate_01009.dll
2016-05-07 15:30:46 ----A---- C:\Windows\system32\drivers\winusbcoinstaller2.dll
2016-05-07 15:30:46 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01009.dll
2016-05-07 15:30:45 ----A---- C:\Windows\system32\drivers\hw_usbdev.sys
2016-05-07 15:30:45 ----A---- C:\Windows\system32\drivers\hw_quusbnet.sys
2016-05-07 15:30:45 ----A---- C:\Windows\system32\drivers\hw_quusbmdm.sys
2016-05-07 15:30:45 ----A---- C:\Windows\system32\drivers\hw_cdcacm.sys
2016-05-07 15:30:45 ----A---- C:\Windows\system32\drivers\ew_usbccgpfilter.sys
2016-04-30 07:05:57 ----HDC---- C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}

======List of files/folders modified in the last 1 month======

2016-05-19 06:47:06 ----D---- C:\Program Files\trend micro
2016-05-19 06:46:28 ----D---- C:\Windows\Temp
2016-05-19 06:43:17 ----D---- C:\Windows\INF
2016-05-19 06:43:17 ----D---- C:\Windows\debug
2016-05-19 06:43:17 ----D---- C:\Windows
2016-05-19 06:40:36 ----D---- C:\Windows\System32
2016-05-19 06:40:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-19 06:37:10 ----D---- C:\Windows\system32\sru
2016-05-19 06:35:25 ----D---- C:\ProgramData\Validity
2016-05-19 06:27:32 ----D---- C:\Windows\Prefetch
2016-05-19 03:04:56 ----D---- C:\Windows\Microsoft.NET
2016-05-19 01:47:04 ----D---- C:\Windows\system32\drivers
2016-05-18 23:43:27 ----HD---- C:\Program Files\WindowsApps
2016-05-18 22:45:45 ----D---- C:\Windows\AppReadiness
2016-05-18 15:26:12 ----D---- C:\Windows\system32\DriverStore
2016-05-18 09:38:45 ----D---- C:\Windows\system32\NDF
2016-05-18 06:46:41 ----D---- C:\Windows\system32\Tasks
2016-05-18 03:58:41 ----SHD---- C:\Windows\Installer
2016-05-18 03:58:41 ----SHD---- C:\Config.Msi
2016-05-18 03:58:38 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-18 03:58:15 ----AD---- C:\Program Files\Common Files\microsoft shared
2016-05-18 03:58:14 ----D---- C:\Program Files\Common Files
2016-05-18 03:56:15 ----AD---- C:\Program Files\Microsoft Office
2016-05-17 14:43:57 ----D---- C:\Windows\system32\config
2016-05-17 14:42:30 ----RSD---- C:\Windows\assembly
2016-05-17 07:46:45 ----D---- C:\Windows\rescache
2016-05-17 04:02:33 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2016-05-16 21:21:14 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2016-05-16 20:57:32 ----D---- C:\Windows\SoftwareDistribution
2016-05-16 20:49:30 ----RSD---- C:\Windows\Fonts
2016-05-16 20:46:34 ----D---- C:\Users\Michal\AppData\Roaming\MPC-HC
2016-05-16 20:19:02 ----D---- C:\Windows\WinSxS
2016-05-16 19:48:16 ----D---- C:\Windows\SysWOW64
2016-05-16 19:45:41 ----SD---- C:\ProgramData\Microsoft
2016-05-16 19:45:41 ----RD---- C:\Program Files
2016-05-14 06:55:52 ----D---- C:\Windows\CbsTemp
2016-05-13 21:00:52 ----SHD---- C:\System Volume Information
2016-05-13 00:42:59 ----D---- C:\Windows\system32\catroot2
2016-05-12 01:19:27 ----D---- C:\Windows\SYSWOW64\migration
2016-05-12 01:19:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-12 01:19:25 ----D---- C:\Windows\system32\oobe
2016-05-12 01:19:25 ----D---- C:\Windows\system32\migration
2016-05-12 01:19:25 ----D---- C:\Windows\system32\drivers\UMDF
2016-05-12 01:19:25 ----D---- C:\Windows\system32\cs-CZ
2016-05-12 01:19:25 ----D---- C:\Windows\system32\appraiser
2016-05-12 01:19:20 ----D---- C:\Windows\Provisioning
2016-05-12 01:19:19 ----D---- C:\Windows\bcastdvr
2016-05-12 01:19:19 ----D---- C:\Windows\AppPatch
2016-05-12 01:19:19 ----D---- C:\Program Files\Windows Journal
2016-05-12 01:19:19 ----D---- C:\Program Files\Internet Explorer
2016-05-12 01:19:19 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-11 21:57:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-05-11 21:32:11 ----D---- C:\ProgramData\Microsoft Help
2016-05-11 21:27:09 ----D---- C:\Windows\system32\MRT
2016-05-11 21:16:52 ----A---- C:\Windows\system32\MRT.exe
2016-05-11 05:48:04 ----RD---- C:\Program Files (x86)
2016-05-11 05:48:03 ----D---- C:\Windows\Tasks
2016-05-07 19:21:21 ----D---- C:\Users\Michal\AppData\Roaming\MuseScore
2016-05-07 15:53:11 ----HD---- C:\ProgramData
2016-05-05 13:22:41 ----D---- C:\ProgramData\SupportAssistAgent
2016-05-04 07:30:48 ----A---- C:\Windows\win.ini
2016-04-28 15:30:51 ----D---- C:\Users\Michal\AppData\Roaming\dvdcss
2016-04-24 11:14:06 ----D---- C:\ProgramData\PCDr

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem7.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2015-07-31 82696]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-07 644968]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 EpfwLWF;@oem35.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-07-14 231520]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-10-30 47616]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-09-01 21655080]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-09-01 686120]
R3 bcbtums;@oem22.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2015-11-23 199472]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2016-02-22 22632]
R3 BCMWL63A;@oem61.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-12-03 11776264]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2016-04-23 112640]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2016-03-29 245760]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-10-30 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\drivers\BTHUSB.sys [2016-04-23 84992]
R3 btwampfl;@oem22.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2015-11-23 205608]
R3 btwaudio;@oem12.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2015-11-23 220448]
R3 btwavdt;@oem12.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2015-11-23 239392]
R3 btwl2cap;@oem21.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2015-11-23 48984]
R3 CnxtHdAudService;@oem48.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2016-01-06 1607328]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2011-06-16 176000]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-09-11 32464]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-09-11 24240]
R3 ETD;@oem4.inf,%PS2DeviceDesc%;Dell Touchpad; C:\Windows\system32\DRIVERS\ETD.sys [2015-07-07 469080]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-27 3797424]
R3 IntcDAud;@oem15.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2015-07-10 193336]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2016-03-29 181248]
R3 RSUSBVSTOR;@oem25.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-09-04 329944]
R3 rt640x64;@oem30.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2015-05-29 886528]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 BCM43XX;@oem47.inf,%BCM43XX_Service_DispName%;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2016-01-12 5443648]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\Windows\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BcmVWL;@oem29.inf,%BcmVWL.Service.DispName%;Broadcom Virtual Wireless; C:\Windows\System32\drivers\bcmvwl64.sys [2016-01-12 21568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\drivers\BTHport.sys [2016-04-23 954368]
S3 btwrchid;btwrchid; C:\Windows\System32\drivers\btwrchid.sys [2016-01-13 47392]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-11-22 117248]
S3 DFX11_1;@oem3.inf,%DFX_Device.SvcDesc%;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 DFX12;@oem43.inf,%DFX_Device.SvcDesc%;DFX Audio Enhancer; C:\Windows\system32\drivers\dfx12x64.sys [2015-11-15 39048]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 jakstaVA;@oem44.inf,%DeviceName%;Digital Video Recorder; C:\Windows\system32\DRIVERS\jaksta_va.sys [2014-12-09 103816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-09-01 265776]
R2 BcmBtRSupport;@oem22.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2015-11-23 2269440]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2015-07-08 980224]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-05-01 2912496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 CxUtilSvc;CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [2016-03-28 109184]
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-03-11 2572024]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2016-03-11 202488]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-07-07 144104]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [2016-02-16 192304]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-27 330136]
R2 OneSyncSvc_46514;Hostitel synchronizace_46514; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_46514;Data kontaktů_46514; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 DellDigitalDelivery;Dell Digital Delivery Service; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-03-16 237448]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-16 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1e1b9a;Hostitel synchronizace_1e1b9a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2f237;Hostitel synchronizace_2f237; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3361e;Hostitel synchronizace_3361e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_388c3;Hostitel synchronizace_388c3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_39584;Hostitel synchronizace_39584; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_39dd2;Hostitel synchronizace_39dd2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3b8c2;Hostitel synchronizace_3b8c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3be5d;Hostitel synchronizace_3be5d; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3ef9e;Hostitel synchronizace_3ef9e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3f032;Hostitel synchronizace_3f032; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3f0d2;Hostitel synchronizace_3f0d2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_41190;Hostitel synchronizace_41190; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4211c;Hostitel synchronizace_4211c; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_43ec5;Hostitel synchronizace_43ec5; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_6a848;Hostitel synchronizace_6a848; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-16 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1e1b9a;Služba zasílání zpráv_1e1b9a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2f237;Služba zasílání zpráv_2f237; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3361e;Služba zasílání zpráv_3361e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_388c3;Služba zasílání zpráv_388c3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_39584;Služba zasílání zpráv_39584; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_39dd2;Služba zasílání zpráv_39dd2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3b8c2;Služba zasílání zpráv_3b8c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3be5d;Služba zasílání zpráv_3be5d; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3ef9e;Služba zasílání zpráv_3ef9e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3f032;Služba zasílání zpráv_3f032; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3f0d2;Služba zasílání zpráv_3f0d2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_41190;Služba zasílání zpráv_41190; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_43ec5;Služba zasílání zpráv_43ec5; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_46514;Služba zasílání zpráv_46514; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_6a848;Služba zasílání zpráv_6a848; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-30 147624]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-05-01 252112]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1e1b9a;Data kontaktů_1e1b9a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2f237;Data kontaktů_2f237; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3361e;Data kontaktů_3361e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_388c3;Data kontaktů_388c3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_39584;Data kontaktů_39584; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_39dd2;Data kontaktů_39dd2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3b8c2;Data kontaktů_3b8c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3be5d;Data kontaktů_3be5d; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3ef9e;Data kontaktů_3ef9e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3f032;Data kontaktů_3f032; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3f0d2;Data kontaktů_3f0d2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_41190;Data kontaktů_41190; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_43ec5;Data kontaktů_43ec5; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_6a848;Data kontaktů_6a848; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S4 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S4 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Pomalý start, pomalé vypínání (restart) Win 10

#2 Příspěvek od altrok »

Krasny den Vam preju :bye:


:arrow: V AdwCleaneru jste zvolil i moznost Cleaning/Cisteni?


:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).


:arrow: Ulozte na plochu RogueKiller - http://www.bleepingcomputer.com/download/roguekiller/
  • spustte jako spravce
  • nahore prejdete na zalozku Scan
  • vpravo dole kliknete na Start Scan (potrva az nekolik desitek minut)
  • vlevo dole vyberte Open Report
  • vpravo dole Export TXT
  • report ulozte na plochu a jeho obsah vlozte do pristi odpovedi

  • Stahnete Crystal Disk Info (CDI) https://osdn.jp/frs/redir.php?m=cznic&f ... o6_7_5.zip
  • archiv extrahujte a spustte vyextrahovany soubor DiskInfo.exe
  • ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
  • log vlozte do dalsi odpovedi (Ctrl + V)
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Mitn
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 pro 2005 11:42

Re: Pomalý start, pomalé vypínání (restart) Win 10

#3 Příspěvek od Mitn »

AdwCleaner v5.117 - Log soubor vytvořen 20/05/2016 o 08:37:53
# Aktualizováno 15/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows 10 Pro (X64)
# Jméno uživatele : Michal - MICHAL-DESKTOP
# Spuštěno z : C:\Users\Michal\Desktop\adwcleaner_5.117.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****

[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : daemon-search.com
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : search.icq.com
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : ask.com
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : ac3filter.en.softonic.com
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : ashampoo-burning-studio-2013.en.softonic.com
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : shoparamedik.cz

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1772 bytes] - [19/05/2016 06:27:23]
C:\AdwCleaner\AdwCleaner[C2].txt - [1620 bytes] - [20/05/2016 08:37:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [1568 bytes] - [19/05/2016 06:25:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [1714 bytes] - [20/05/2016 08:36:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1839 bytes] ##########



RogueKiller V12.2.1.0 [May 16 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10586) 64 bits version
Spuštěno : Normální režim
Uživatel : Michal [Práva správce]
Started from : C:\Users\Michal\Desktop\RogueKiller.exe
Mód : Prohledat -- Datum : 05/20/2016 09:23:51

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{90756bc2-c61b-4462-ad53-54dc3cdbcd93} | DhcpNameServer : 172.16.0.1 85.93.101.5 ([][Czech Republic]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9d6ba323-de65-4656-9a8a-b7f7107576e2} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{e4cded74-ee8d-4c3e-b2c2-89518d5ae983} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ff36593b-4484-4f8a-ae27-6623d2fbf2f2} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{90756bc2-c61b-4462-ad53-54dc3cdbcd93} | DhcpNameServer : 172.16.0.1 85.93.101.5 ([][Czech Republic]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9d6ba323-de65-4656-9a8a-b7f7107576e2} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{e4cded74-ee8d-4c3e-b2c2-89518d5ae983} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ff36593b-4484-4f8a-ae27-6623d2fbf2f2} | DhcpNameServer : 10.0.0.138 ([]) -> Nalezeno
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[PUP][Soubor] C:\Windows\SECOH-QAD.exe -> Nalezeno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0xc000036b]) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 7zc2kvkh.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 10586] (x64)
Date : 2016/05/20 9:28:16

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- WDC WD7500BPKT-75PK4T0
- TSSTcorp CDDVDW SN-208FB
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD7500BPKT-75PK4T0 : 750,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD7500BPKT-75PK4T0
----------------------------------------------------------------------------
Model : WDC WD7500BPKT-75PK4T0
Firmware : 01.01A01
Serial Number : WD-WX21CC1T8323
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 15054 hod.
Power On Count : 9489 krát
Host Reads : 26031 GB
Host Writes : 18841 GB
Temperature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000002 Počet chyb čtení
03 196 171 _21 0000000004A7 Čas na roztočení ploten
04 _89 _89 __0 000000002C94 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _80 _80 __0 000000003ACE Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _91 _91 __0 000000002511 Počet cyklů zapnutí zařízení
BF __1 __1 __0 00000000B92F Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000088 Počet vypnutí disku
C1 174 174 __0 000000013BDE Počet cyklů načítání/vymazání
C2 105 _83 __0 00000000002A Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
F0 _81 _81 __0 0000000038FA Čas nastavování hlaviček - v hodinách
F1 200 200 __0 0009333421D0 Total Host Writes
F2 200 200 __0 000CB5FD349B Total Host Reads
FE _50 _50 __0 000000000096 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3231 4343 3154 3833 3233
020: 0000 8000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3735 3030 4250 4B54 2D37 3550 4B34 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 004C
080: 01FE 0000 746B 7D09 6123 7469 BC09 6123 407F 003C
090: 003C 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 02AA 143B 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 16FE 013E 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 1028 0000 C000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 24A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 02 00 00 00 00 00 00 03 27
010: 00 C4 AB A7 04 00 00 00 00 00 04 32 00 59 59 94
020: 2C 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 50 50 CE 3A 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 5B 5B 11 25 00 00 00 00 00 BF 32
070: 00 01 01 2F B9 00 00 00 00 00 C0 32 00 C8 C8 88
080: 00 00 00 00 00 00 C1 32 00 AE AE DE 3B 01 00 00
090: 00 00 C2 22 00 69 53 2A 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 F0 32 00 51 51 FA
0E0: 38 00 00 00 00 00 F1 32 00 C8 C8 D0 21 34 33 09
0F0: 00 00 F2 32 00 C8 C8 9B 34 FD B5 0C 00 00 FE 32
100: 00 32 32 96 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 68 2E 01 7B
170: 03 00 01 00 02 76 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5C

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 F0 00 00 00 00 00
0E0: 00 00 00 00 00 00 F1 00 00 00 00 00 00 00 00 00
0F0: 00 00 F2 00 00 00 00 00 00 00 00 00 00 00 FE 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ED


¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPKT-75PK4T0 +++++
--- User ---
[MBR] 178439026de4753d43dc0aa0f2346c81
[BSP] 55a0b5c5f339c55f72efe87021bee4c5 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 714902 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Pomalý start, pomalé vypínání (restart) Win 10

#4 Příspěvek od altrok »

:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Mitn
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 pro 2005 11:42

Re: Pomalý start, pomalé vypínání (restart) Win 10

#5 Příspěvek od Mitn »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:19-05-2016
Ran by Michal (administrator) on MICHAL-DESKTOP (20-05-2016 12:57:57)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture_DELL.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.19761.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6965.57691.0_x64__8wekyb3d8bbwe\onenoteim.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348200 2015-07-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-22] (Dell Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2016-02-22] (Dell Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [468112 2011-07-25] (CANON INC.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23484296 2016-04-25] (Google)
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [2191872 2016-04-06] ()
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-10-21] (ZONER software)
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\MountPoints2: {fe99404f-1402-11e6-b51d-e0db55d13873} - "E:\autorun.exe"
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\MountPoints2: {fe9941f7-1402-11e6-b51d-e0db55d13873} - "E:\autorun.exe"
HKU\S-1-5-21-499199583-512687402-1678617887-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-01-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.2
Tcpip\..\Interfaces\{024e872c-f31a-4a4d-9560-de9b20d884b1}: [DhcpNameServer] 192.168.2.2
Tcpip\..\Interfaces\{52d6d854-10f6-4972-b9b3-b2b9667c7d30}: [DhcpNameServer] 192.168.2.2
Tcpip\..\Interfaces\{71f64b08-407a-416c-9924-a80f78f44ea6}: [DhcpNameServer] 192.168.2.2
Tcpip\..\Interfaces\{751b8688-287a-4941-b21c-1a8f1d8b87d0}: [DhcpNameServer] 192.168.2.2
Tcpip\..\Interfaces\{90756bc2-c61b-4462-ad53-54dc3cdbcd93}: [DhcpNameServer] 172.16.0.1 85.93.101.5
Tcpip\..\Interfaces\{9d6ba323-de65-4656-9a8a-b7f7107576e2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e4293df8-6220-4317-8595-72ccdc4dbbc2}: [DhcpNameServer] 192.168.2.2
Tcpip\..\Interfaces\{e4cded74-ee8d-4c3e-b2c2-89518d5ae983}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ff36593b-4484-4f8a-ae27-6623d2fbf2f2}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-499199583-512687402-1678617887-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-05-19] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-19] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-05-19] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-19] (Microsoft Corporation)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://downloads.dell.com/systemprofiler/SysProExe.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-19] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-19] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-19] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-19] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-19] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-499199583-512687402-1678617887-1001 -> hxxp://www.seznam.cz/

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\7zc2kvkh.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-19] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-05-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: S3.Google Translator - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\7zc2kvkh.default\extensions\s3google@translator.xpi [2015-11-17]
FF Extension: Youtube Mp3 Downloader - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\7zc2kvkh.default\Extensions\6asa42dfa4784fsf368g@youtubeconverter.me.xpi [2015-11-17]
FF Extension: Adblock Plus - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\7zc2kvkh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-17]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.google.com/ ... gs-bce.cz/"
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Překladač Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Prezentace Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-16]
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-16]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-16]
CHR Extension: (Adblock Plus) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Kalendář Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-11-16]
CHR Extension: (Tabulky Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-16]
CHR Extension: (Hodiny) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-11-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-02]
CHR Extension: (Uložit na Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-11-16]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-05-20]
CHR Extension: (Google Play Music) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-11-16]
CHR Extension: (Clearly) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-11-16]
CHR Extension: (SafeInCloud Password Manager) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchdigjbcmdgcfeijpfkpadacbijihjl [2016-03-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-16]
CHR Extension: (Mapy Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-11-16]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-11-16]
CHR Extension: (OneDrive) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2015-11-16]
CHR Extension: (Slinky Moderní) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nilnodhmmonndffbejancdeiggflcehi [2016-01-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-16]
CHR HKU\S-1-5-21-499199583-512687402-1678617887-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2269440 2015-11-23] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2912496 2016-05-01] (Microsoft Corporation)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2016-03-28] (Conexant Systems, Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-11] (Dell Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-07-07] (ELAN Microelectronics Corp.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2016-02-16] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-04-22] (Dell Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [61976 2015-08-01] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2016-02-22] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [82696 2015-07-31] (Advanced Micro Devices, Inc.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-11-23] (Broadcom Corporation.)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11776264 2015-12-03] (Broadcom Corp)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows (R) Win 7 DDK provider)
S3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-02-16] (Huawei Technologies Co., Ltd.)
S3 jakstaVA; C:\Windows\system32\DRIVERS\jaksta_va.sys [103816 2014-12-09] (e2eSoft)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-07-10] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [143592 2015-07-27] (STMicroelectronics)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-05-20] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-20 12:57 - 2016-05-20 12:58 - 00023301 _____ C:\Users\Michal\Desktop\FRST.txt
2016-05-20 12:57 - 2016-05-20 12:57 - 00000000 ____D C:\FRST
2016-05-20 12:55 - 2016-05-20 12:55 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Downloads\Nepotvrzeno 584638.crdownload
2016-05-20 12:54 - 2016-05-20 12:54 - 02382336 _____ (Farbar) C:\Users\Michal\Downloads\FRST64.exe
2016-05-20 12:54 - 2016-05-20 12:54 - 02382336 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2016-05-20 09:37 - 2016-05-20 09:37 - 00000000 ___HD C:\OneDriveTemp
2016-05-20 09:26 - 2016-05-20 09:26 - 04669119 _____ C:\Users\Michal\Downloads\CrystalDiskInfo6_7_5.zip
2016-05-20 08:48 - 2016-05-20 08:48 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-05-20 08:47 - 2016-05-20 09:25 - 00000000 ____D C:\ProgramData\RogueKiller
2016-05-20 08:46 - 2016-05-20 08:46 - 19840072 _____ C:\Users\Michal\Downloads\RogueKiller.exe
2016-05-20 08:46 - 2016-05-20 08:46 - 19840072 _____ C:\Users\Michal\Desktop\RogueKiller.exe
2016-05-19 13:52 - 2016-05-19 13:52 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-05-19 13:47 - 2016-05-19 13:47 - 00002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-05-19 13:47 - 2016-05-19 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-05-19 12:00 - 2016-05-20 01:26 - 00000000 ____D C:\Program Files\Microsoft Office
2016-05-19 12:00 - 2016-05-19 12:00 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-19 11:57 - 2016-05-19 11:57 - 04429512 _____ (Microsoft Corporation) C:\Users\Michal\Downloads\Setup.X64.cs-cz_O365ProPlusRetail_44d5dfb3-88ad-445b-ab4d-e18e9255629e_TX_DB_b_64_.exe
2016-05-19 06:58 - 2016-05-19 06:58 - 00144384 _____ C:\Users\Michal\Downloads\SkypeHost (2).exe
2016-05-19 06:58 - 2016-05-19 06:58 - 00144384 _____ C:\Users\Michal\Downloads\SkypeHost (1).exe
2016-05-19 06:57 - 2016-05-19 06:57 - 00144384 _____ C:\Users\Michal\Downloads\SkypeHost.exe
2016-05-19 06:47 - 2016-05-19 06:47 - 00000000 ____D C:\rsit
2016-05-19 06:24 - 2016-05-20 08:37 - 00000000 ____D C:\AdwCleaner
2016-05-18 15:26 - 2016-05-18 15:26 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-05-18 07:46 - 2016-05-18 07:45 - 00437552 _____ C:\Users\Michal\Desktop\Doklad_159342730Z.pdf
2016-05-18 07:45 - 2016-05-18 07:45 - 00437552 _____ C:\Users\Michal\Downloads\Doklad_159342730Z.pdf
2016-05-17 14:02 - 2016-05-17 14:02 - 08892608 _____ (Microsoft Corporation) C:\Users\Michal\Downloads\OneDriveSetup.exe
2016-05-17 14:02 - 2016-05-17 14:02 - 00002390 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-17 14:02 - 2016-05-17 14:02 - 00000000 ___RD C:\Users\Michal\OneDrive
2016-05-17 07:27 - 2016-05-17 07:27 - 00001361 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Práce SpgŠ BCE - zprávy, témaťáky, učebnice, plány apod.lnk
2016-05-16 21:29 - 2016-05-16 21:29 - 00000000 ____D C:\Users\Michal\AppData\Local\OfficeBSCache-ODB-michal.pernica@spgs-bce.cz
2016-05-16 21:21 - 2016-05-16 21:21 - 00000000 ____D C:\Users\Michal\Documents\Poznámkové bloky aplikace OneNote
2016-05-16 20:35 - 2016-05-20 09:37 - 00000000 ___RD C:\Users\Michal\OneDrive - Stredni pedagogicka skola Boskovice - Central School of education Boskovice
2016-05-16 19:44 - 2016-05-16 19:45 - 04429512 _____ (Microsoft Corporation) C:\Users\Michal\Downloads\Setup.X64.cs-cz_O365ProPlusRetail_ac644320-0941-4858-b0b0-00af90330a3a_TX_DB_b_64_.exe
2016-05-16 19:43 - 2016-05-16 19:44 - 03192512 _____ (Microsoft Corporation) C:\Users\Michal\Downloads\Setup.X86.cs-CZ_O365ProPlusRetail_ac644320-0941-4858-b0b0-00af90330a3a_TX_DB_b_67_.exe
2016-05-13 12:33 - 2016-05-13 12:33 - 00164082 _____ C:\Users\Michal\Downloads\2011050791.pdf
2016-05-13 07:27 - 2016-05-13 07:27 - 01107312 _____ C:\Users\Michal\Downloads\diplomová práce.pdf
2016-05-12 07:52 - 2016-05-12 07:52 - 01818839 _____ C:\Users\Michal\Downloads\convert-jpg-to-pdf.net_2016-05-12_07-52-37.pdf
2016-05-11 21:15 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdport.sys
2016-05-11 21:15 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2016-05-11 21:15 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-05-11 21:15 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2016-05-11 21:15 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2016-05-11 21:15 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-05-11 21:15 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2016-05-11 21:15 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-05-11 21:15 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-05-11 21:15 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-05-11 21:15 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-05-11 21:15 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-05-11 21:15 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-05-11 21:15 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-05-11 21:15 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-05-11 21:15 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-05-11 21:15 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-05-11 21:15 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-05-11 21:15 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 21:15 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 21:15 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 21:15 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 21:15 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 21:15 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 21:15 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-05-11 21:15 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-05-11 21:15 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-05-11 21:15 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-05-11 21:15 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 21:15 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-05-11 21:15 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-05-11 21:15 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2016-05-11 21:15 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-05-11 21:15 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-05-11 21:15 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-05-11 21:15 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2016-05-11 21:15 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-05-11 21:15 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-05-11 21:15 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-05-11 21:15 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-05-11 21:15 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufxsynopsys.sys
2016-05-11 21:15 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-05-11 21:15 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 21:15 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 21:15 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-05-11 21:15 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-11 21:15 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-11 21:15 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-05-11 21:15 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-11 21:15 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-05-11 21:15 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-05-11 21:15 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-05-11 21:15 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-05-11 21:15 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-05-11 21:15 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-05-11 21:15 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-11 21:15 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-05-11 21:15 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-05-11 21:15 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-05-11 21:15 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-05-11 21:15 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-05-11 21:15 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-05-11 21:15 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-05-11 21:15 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 21:15 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-05-11 21:15 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 21:15 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-05-11 21:15 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-05-11 21:15 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 21:15 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 21:15 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2016-05-11 21:15 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\Windows\system32\dwminit.dll
2016-05-11 21:15 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-05-11 21:15 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-05-11 21:15 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-05-11 21:15 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-05-11 21:15 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2016-05-11 21:15 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-05-11 21:15 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2016-05-11 21:15 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2016-05-11 21:15 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmCx.sys
2016-05-11 21:15 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\ByteCodeGenerator.exe
2016-05-11 21:15 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll
2016-05-11 21:15 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 21:15 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-05-11 21:15 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 21:15 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-05-11 21:15 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-05-11 21:15 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-05-11 21:15 - 2016-04-23 06:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2016-05-11 21:15 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-05-11 21:15 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-05-11 21:15 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-05-11 21:15 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filecrypt.sys
2016-05-11 21:15 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-05-11 21:15 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-05-11 21:15 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2016-05-11 21:15 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ByteCodeGenerator.exe
2016-05-11 21:15 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-05-11 21:15 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-05-11 21:15 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 21:15 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2016-05-11 21:15 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2016-05-11 21:15 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-05-11 21:15 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2016-05-11 21:15 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-05-11 21:15 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2016-05-11 21:15 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-05-11 21:15 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2016-05-11 21:15 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-05-11 21:15 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2016-05-11 21:15 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-05-11 21:15 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2016-05-11 21:15 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-05-11 21:15 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-05-11 21:15 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-05-11 21:15 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-05-11 21:15 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-05-11 21:15 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-05-11 21:15 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-05-11 21:15 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2016-05-11 21:15 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 21:15 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-05-11 21:15 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-05-11 21:15 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-05-11 21:15 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\BrowserSettingSync.dll
2016-05-11 21:15 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2016-05-11 21:15 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-05-11 21:15 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-05-11 21:15 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-05-11 21:15 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 21:15 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-05-11 21:15 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 21:15 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-05-11 21:15 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-05-11 21:15 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-05-11 21:15 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-05-11 21:15 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2016-05-11 21:15 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-05-11 21:15 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-05-11 21:15 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-05-11 21:15 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-05-11 21:15 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-11 21:15 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-05-11 21:15 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-05-11 21:15 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2016-05-11 21:15 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BrowserSettingSync.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00954368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-05-11 21:15 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-05-11 21:15 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-05-11 21:15 - 2016-04-23 06:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2016-05-11 21:15 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-05-11 21:15 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-05-11 21:15 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 21:15 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2016-05-11 21:15 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-05-11 21:15 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-05-11 21:15 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-05-11 21:15 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-05-11 21:15 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-05-11 21:15 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-11 21:15 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-05-11 21:15 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-11 21:15 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 21:15 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-05-11 21:15 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 21:15 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-05-11 21:15 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-05-11 21:15 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-05-11 21:15 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 21:15 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 21:15 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-05-11 21:15 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-05-11 21:15 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-05-11 21:15 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-05-11 21:15 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-05-11 21:15 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-11 21:15 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-05-11 21:15 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 21:15 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 21:15 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-05-11 21:15 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 21:15 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-05-11 21:15 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 21:15 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-05-11 21:15 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-05-11 21:15 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-05-11 21:15 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 21:15 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-05-11 21:15 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-11 21:15 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-05-11 21:15 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-05-11 21:15 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-05-11 21:15 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-05-11 21:15 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-05-11 21:15 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-05-11 21:15 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-05-11 21:15 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-05-11 21:15 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-05-11 21:15 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 21:15 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-05-11 21:15 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 21:15 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-05-11 21:15 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-05-11 21:15 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-05-11 21:15 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-05-11 21:15 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-05-11 21:15 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-05-11 21:15 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-05-11 21:15 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-05-11 21:15 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-05-11 21:15 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-05-11 21:15 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-05-11 21:15 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-05-11 21:15 - 2016-04-23 04:10 - 00002186 _____ C:\Windows\system32\AppxProvisioning.xml
2016-05-11 21:15 - 2016-04-19 00:30 - 00002186 _____ C:\Windows\SysWOW64\AppxProvisioning.xml
2016-05-10 09:41 - 2016-05-10 09:41 - 05467040 _____ C:\Users\Michal\Downloads\Pain Perception and the Human Brain.mp4
2016-05-10 09:41 - 2016-05-10 09:41 - 05467040 _____ C:\Users\Michal\Desktop\Pain Perception and the Human Brain.mp4
2016-05-09 19:45 - 2016-05-09 19:45 - 03552239 _____ C:\Users\Michal\Downloads\Zeměpis-pro-střední-odborné-školy-a-učiliště----kolektiv.pdf
2016-05-09 19:44 - 2016-05-09 19:44 - 00731673 _____ C:\Users\Michal\Downloads\Zeměpis-pro-střední-odborné-školy-a-učiliště---2.-vydání---kolektiv-autorů.pdf
2016-05-09 16:36 - 2016-05-09 16:41 - 180155986 _____ C:\Users\Michal\Downloads\projekce_sponzori_2016.mp4
2016-05-07 15:53 - 2016-05-07 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2016-05-07 15:53 - 2016-05-07 15:53 - 00000000 ____D C:\ProgramData\HiSuiteOuc
2016-05-07 15:53 - 2016-05-07 15:53 - 00000000 ____D C:\ProgramData\HandSetService
2016-05-07 15:52 - 2016-05-07 16:06 - 00000000 ____D C:\Program Files (x86)\HiSuite
2016-05-07 15:52 - 2016-05-07 15:53 - 00000000 ____D C:\Users\Michal\AppData\Local\Hisuite
2016-05-07 15:52 - 2016-05-07 15:52 - 26408013 _____ C:\Users\Michal\Downloads\hisuite_4.0.4.204 (2).rar
2016-05-07 15:49 - 2016-05-07 15:49 - 06882192 _____ (Piriform Ltd) C:\Users\Michal\Downloads\ccsetup517.exe
2016-05-07 15:30 - 2016-05-07 16:21 - 00000000 ____D C:\Users\Michal\Documents\HiSuite
2016-05-07 15:30 - 2016-02-16 11:04 - 02152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2016-05-07 15:30 - 2016-02-16 11:04 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2016-05-07 15:30 - 2016-02-16 11:04 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2016-05-07 15:30 - 2016-02-16 11:04 - 00287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2016-05-07 15:30 - 2016-02-16 11:04 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2016-05-07 15:30 - 2016-02-16 11:04 - 00126592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2016-05-07 15:30 - 2016-02-16 11:04 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2016-05-07 15:30 - 2016-02-16 11:04 - 00018816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2016-05-07 15:28 - 2016-05-07 15:28 - 26408013 _____ C:\Users\Michal\Downloads\hisuite_4.0.4.204 (1).rar
2016-05-07 15:27 - 2016-05-07 15:28 - 26408013 _____ C:\Users\Michal\Downloads\hisuite_4.0.4.204.rar
2016-05-06 10:28 - 2016-05-06 10:29 - 106587826 _____ C:\Users\Michal\Downloads\Group 13 cover Tina Turner’s Proud Mary - Boot Camp - The X Factor UK 2015.mp4
2016-05-04 12:02 - 2016-05-04 12:02 - 00528233 _____ C:\Users\Michal\Downloads\klementova_2016-05-04_11-53-02.pdf
2016-05-04 07:20 - 2016-05-04 07:21 - 32367482 _____ C:\Users\Michal\Downloads\zasilka-JER29ZB8TNNNSEUS.zip
2016-05-03 05:46 - 2016-05-03 05:46 - 01076818 _____ C:\Users\Michal\Downloads\Zakovsky pruvodce MZ_2016 (1).pdf
2016-05-03 05:36 - 2016-05-03 05:36 - 01076818 _____ C:\Users\Michal\Downloads\Zakovsky pruvodce MZ_2016.pdf
2016-05-03 05:15 - 2016-05-03 05:15 - 01531325 _____ C:\Users\Michal\Downloads\Maturitni_zpravodaj_37_16.pdf
2016-05-03 04:54 - 2016-05-03 04:54 - 00115478 _____ C:\Users\Michal\Downloads\JZS_jaro-2016_podrobne schema_(priloha 8)_fin.pdf
2016-05-03 04:54 - 2016-05-03 04:54 - 00085776 _____ C:\Users\Michal\Downloads\JZS_jaro-2016_prilohy_fin.pdf
2016-05-02 08:20 - 2016-05-02 08:20 - 01166299 _____ C:\Users\Michal\Downloads\RHF2016-hlasovaci_zeton_.pdf
2016-05-02 08:19 - 2016-05-02 08:19 - 29905535 _____ C:\Users\Michal\Downloads\zasilka-JD32UN7AVLTGFMR9.zip
2016-04-30 07:51 - 2016-04-30 07:52 - 12518342 _____ C:\Users\Michal\Downloads\Honor 7 Quick Start Guide-%28V100R001_01%2CALL%29.pdf
2016-04-30 07:51 - 2016-04-30 07:51 - 27715041 _____ C:\Users\Michal\Downloads\HUAWEI PLK-L01 Mobile Phone User Guide-%28V100R001_01%2CCZ%2CNormal%29.pdf
2016-04-30 07:05 - 2016-04-30 07:05 - 00000000 __HDC C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}
2016-04-28 19:04 - 2016-04-28 19:04 - 00093325 _____ C:\Users\Michal\Downloads\vp_dd_1942164_2016_84671.pdf
2016-04-27 23:21 - 2016-04-27 23:27 - 104857600 _____ C:\Users\Michal\Downloads\319_-_Sean_Cody_-_Parker_s_Rim_Job.avi
2016-04-25 09:47 - 2016-04-25 09:47 - 00012728 _____ C:\Users\Michal\Downloads\HODNOCENÍ U PŘEHRÁVEK.xlsx
2016-04-25 08:44 - 2016-04-25 08:44 - 02768384 _____ C:\Users\Michal\Downloads\Ploštěnci_-_Plathelmintes_1.ppt
2016-04-22 12:11 - 2016-04-22 12:11 - 00525839 _____ C:\Users\Michal\Downloads\Harmonogram 11. a 12. 5. 2016.pdf
2016-04-20 13:43 - 2016-04-20 13:43 - 00044477 _____ C:\Users\Michal\Downloads\Spojení- na obce ORP Boskovice - 2015.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-20 12:53 - 2015-11-16 14:25 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-20 12:51 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-20 12:51 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-05-20 09:41 - 2015-11-16 13:49 - 01783434 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-20 09:41 - 2015-10-30 20:31 - 00755528 _____ C:\Windows\system32\perfh005.dat
2016-05-20 09:41 - 2015-10-30 20:31 - 00152642 _____ C:\Windows\system32\perfc005.dat
2016-05-20 09:41 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-05-20 09:37 - 2015-11-16 14:35 - 00000000 ___RD C:\Users\Michal\Disk Google
2016-05-20 09:36 - 2015-11-16 14:25 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-20 09:36 - 2015-11-16 14:17 - 00000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2016-05-20 09:36 - 2015-11-16 14:13 - 00000000 ____D C:\ProgramData\Validity
2016-05-20 09:35 - 2015-11-16 13:41 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-20 09:34 - 2015-10-30 08:28 - 00786432 ___SH C:\Windows\system32\config\BBI
2016-05-20 09:33 - 2016-03-13 11:37 - 00000000 ____D C:\Users\Michal\AppData\Local\SafeInCloud
2016-05-20 07:58 - 2015-11-16 16:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-20 01:12 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\NDF
2016-05-19 13:58 - 2015-11-16 13:39 - 00341344 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-19 13:52 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-19 13:52 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-19 11:50 - 2015-11-16 13:45 - 00000000 ____D C:\Users\Michal
2016-05-19 11:14 - 2015-10-30 20:35 - 00000000 ____D C:\Windows\ShellNew
2016-05-19 11:08 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-19 11:03 - 2015-11-16 13:45 - 00000000 ____D C:\Users\Michal\AppData\Local\Packages
2016-05-19 10:55 - 2016-01-31 21:42 - 00000000 ____D C:\Program Files\trend micro
2016-05-17 13:58 - 2015-11-18 16:05 - 00000000 ____D C:\Users\Michal\AppData\Local\Microsoft Help
2016-05-17 07:46 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-05-17 04:02 - 2015-11-23 21:01 - 00000000 ____D C:\Users\Michal\AppData\Roaming\vlc
2016-05-16 20:46 - 2016-01-12 06:33 - 00000000 ____D C:\Users\Michal\AppData\Roaming\MPC-HC
2016-05-16 20:46 - 2015-11-21 11:37 - 00000000 ____D C:\Users\Michal\AppData\Local\CrashDumps
2016-05-14 06:55 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-05-13 20:12 - 2015-11-16 16:21 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-13 00:55 - 2015-11-16 14:26 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-12 05:29 - 2015-11-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-12 01:19 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 01:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\oobe
2016-05-12 01:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 01:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\Provisioning
2016-05-12 01:19 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-05-12 01:18 - 2015-10-30 09:24 - 00015703 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 21:27 - 2015-12-08 23:56 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 21:16 - 2015-12-08 23:56 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 05:48 - 2015-11-16 14:25 - 00004048 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 05:48 - 2015-11-16 14:25 - 00003816 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-07 19:21 - 2016-03-16 08:46 - 00000000 ____D C:\Users\Michal\AppData\Roaming\MuseScore
2016-05-05 13:22 - 2015-11-16 18:22 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2016-05-04 07:30 - 2015-10-30 09:24 - 00000167 _____ C:\Windows\win.ini
2016-04-28 15:30 - 2015-11-28 15:28 - 00000000 ____D C:\Users\Michal\AppData\Roaming\dvdcss
2016-04-28 04:49 - 2015-11-16 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-24 11:14 - 2015-11-16 18:05 - 00000000 ____D C:\ProgramData\PCDr

==================== Files in the root of some directories =======

2015-11-22 10:01 - 2015-11-22 10:01 - 0007649 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Michal\AppData\Local\Temp\libeay32.dll
C:\Users\Michal\AppData\Local\Temp\msvcr120.dll
C:\Users\Michal\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-17 14:37

==================== End of FRST.txt ============================
Nahoru
Mitn
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 pro 2005 11:42

Re: Pomalý start, pomalé vypínání (restart) Win 10

#6 Příspěvek od Mitn »

dditional scan result of Farbar Recovery Scan Tool (x64) Version:19-05-2016
Ran by Michal (2016-05-20 12:59:08)
Running from C:\Users\Michal\Desktop
Windows 10 Pro Version 1511 (X64) (2015-11-16 11:44:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-499199583-512687402-1678617887-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-499199583-512687402-1678617887-503 - Limited - Disabled)
Guest (S-1-5-21-499199583-512687402-1678617887-501 - Limited - Disabled)
Michal (S-1-5-21-499199583-512687402-1678617887-1001 - Administrator - Enabled) => C:\Users\Michal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AMD Catalyst Install Manager (HKLM\...\{7EABB7C4-BD84-2B20-5268-82D547C8F898}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
App-V Deployment Kit For Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-0000-7760-0C0F084E7200}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Ashampoo Burning Studio 16 (HKLM-x32\...\{91B33C97-A730-69CE-7A4F-4ADF378BB993}_is1) (Version: 16.0.6 - Ashampoo GmbH & Co. KG)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Balíček ovladače systému Windows - Broadcom (BcmVWL) Net (10/21/2011 6.20.55.1) (HKLM\...\D3D5243E35F0E912D4EBC814E30F950D23D4C15B) (Version: 10/21/2011 6.20.55.1 - Broadcom)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version: - )
Canon MX710 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX710_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Conexant HD Audio (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 1.0.52.0 - Conexant)
Conexant SmartAudio HD (HKLM-x32\...\{7A630EC4-B56A-4709-B18F-769B4F80DD17}) (Version: 8.54.40.50 - Conexant)
Dell Data Vault (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell)
Dell System Detect (HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\58d94f3ce2c27db0) (Version: 7.3.0.6 - Dell)
Dell Touchpad (HKLM\...\Elantech) (Version: 15.3.0.14 - ELAN Microelectronic Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.58 - Dell Inc.)
ESET Smart Security (HKLM\...\{4D8E383E-0AB7-482D-9327-BB92D53312B4}) (Version: 8.0.319.1 - ESET, spol s r. o.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.74.5237 - Gretech Corporation)
Google Drive (HKLM-x32\...\{D7269C20-B3CE-4CD0-8E88-3D307D3BD41A}) (Version: 1.29.2074.1528 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.6001.1078 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6001.1078 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.026 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller Pro 3.1.4 (HKLM\...\Revo Uninstaller Pro PREACTIVATED by .:sHaRe:. @~1067B756_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
SafeInCloud Password Manager (HKLM-x32\...\{2C3F29B7-6FE5-4808-A2E8-86234C47246D}) (Version: 16.1.1 - Andrey Shcherbakov)
Smart View (HKLM-x32\...\{A617A39E-66FF-4BDC-A4C2-194B5266CBCC}) (Version: 1.0.0.0 - Samsung )
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0071 - ST Microelectronics)
Synaptics WBF Driver 5011 (11) (HKLM\...\{743D2E3F-46F6-47B4-A333-0ABA88761A0C}) (Version: 4.5.289.0 - Synaptics)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.690 - Broadcom Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_EN_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-499199583-512687402-1678617887-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Michal\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-499199583-512687402-1678617887-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D9BCE84-F084-4887-9FEA-B580305FB28F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-01] (Microsoft Corporation)
Task: {16D59704-7625-46C7-8C03-750DF0CDFDF8} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-03-24] (PC-Doctor, Inc.)
Task: {1A272DA8-93CF-41AB-91E0-29439760CD07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-16] (Google Inc.)
Task: {1BE3BF24-FE63-493F-9BE5-427A3E4E9A51} - System32\Tasks\{F698A910-7471-4EF3-AC26-4733B19810C5} => pcalua.exe -a D:\OV_Genomika.exe -d D:\
Task: {243F924A-45A5-451B-B259-8A5DF0E2B092} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-01] (Microsoft Corporation)
Task: {4F02F1ED-D9F5-40DA-A75F-44D53C181490} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-03-24] (PC-Doctor, Inc.)
Task: {5AEA428C-5BB0-4422-9938-F14E3619688D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {7FAD1209-67A6-4E24-9010-26E6B7F80BCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-05-19] (Microsoft Corporation)
Task: {9E58A766-5BFF-44B7-AB54-429C6394410C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-04-22] (Dell Inc.)
Task: {9F32B449-6D69-4CC2-A6D1-42CF9E536000} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {B12996A8-B5C6-4B44-97A7-784C0C663851} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-16] (Google Inc.)
Task: {B59588D3-7C05-4928-939A-A1D84693CAF0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-05-19] (Microsoft Corporation)
Task: {BF5AC71E-8262-42AD-8F6B-978D35CE6F9B} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C8D8924C-CB05-4A80-839E-3DC75BB13186} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {E5E62AFD-0C69-4ECC-8306-C54135893937} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-05-19] (Microsoft Corporation)
Task: {ED219080-0459-4D2D-876B-1C4FA2F9C47C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2012-10-25 17:46 - 2012-10-25 17:46 - 00710656 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\KOAYQJAO.DLL
2015-07-08 04:44 - 2015-07-08 04:44 - 00049408 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2016-05-19 11:59 - 2016-05-01 04:52 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-05-07 15:53 - 2016-02-16 11:04 - 00192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2016-04-13 13:38 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-13 13:38 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-17 14:02 - 2016-05-17 14:02 - 00959176 _____ () C:\Users\Michal\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64\ClientTelemetry.dll
2015-12-17 23:30 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 21:15 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 21:15 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 21:15 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 21:15 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 21:15 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-06 17:17 - 2012-07-18 11:03 - 00165024 _____ () C:\Program Files\Conexant\SA3\MaxxAudioWrapper.dll
2016-04-06 12:30 - 2016-04-06 12:30 - 02191872 _____ () C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
2016-05-18 22:46 - 2016-05-18 22:47 - 00933576 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6965.57691.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2016-05-18 22:46 - 2016-05-18 22:47 - 00138440 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6965.57691.0_x64__8wekyb3d8bbwe\textinputdriver.dll
2016-05-18 22:46 - 2016-05-18 22:47 - 00634560 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6965.57691.0_x64__8wekyb3d8bbwe\SignalRClient_winapp.dll
2016-05-04 07:06 - 2016-05-04 07:07 - 03940040 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\gfxim.dll
2016-01-21 08:25 - 2016-01-21 08:25 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-15 07:47 - 2015-12-15 07:47 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-05-13 00:55 - 2016-05-11 05:49 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 00:55 - 2016-05-11 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-05-17 14:02 - 2016-05-17 14:02 - 00679624 _____ () C:\Users\Michal\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\ClientTelemetry.dll
2016-05-20 09:37 - 2016-05-20 09:37 - 00098816 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32api.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00110080 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\pywintypes27.dll
2016-05-20 09:37 - 2016-05-20 09:37 - 00364544 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\pythoncom27.dll
2016-05-20 09:37 - 2016-05-20 09:37 - 00320512 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32com.shell.shell.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00776704 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\_hashlib.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 01176576 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\wx._core_.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00806400 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\wx._gdi_.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00816128 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\wx._windows_.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 01067008 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\wx._controls_.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00733184 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\wx._misc_.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00682496 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\pysqlite2._sqlite.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00088064 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\_ctypes.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00119808 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32file.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00108544 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32security.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00007168 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\hashobjs_ext.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00017920 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\thumbnails_ext.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00088064 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\usb_ext.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00167936 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32gui.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00018432 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32event.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00046080 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\_socket.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 01208320 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\_ssl.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00128512 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\_elementtree.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00127488 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\pyexpat.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00012288 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\common.time34.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00038912 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32inet.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00036864 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\_psutil_windows.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00525208 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\windows._lib_cacheinvalidation.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00011264 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32crypt.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00077312 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\wx._html2.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00027136 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\_multiprocessing.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00020480 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\_yappi.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00035840 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32process.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00686080 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\unicodedata.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00078848 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\wx._animate.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00123392 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\wx._wizard.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00024064 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32pipe.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00010240 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\select.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00025600 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32pdh.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00017408 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32profile.pyd
2016-05-20 09:37 - 2016-05-20 09:37 - 00022528 ____R () C:\Users\Michal\AppData\Local\Temp\_MEI69842\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\sharepoint.com -> hxxps://spgsbce-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-499199583-512687402-1678617887-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Dell Webcam Central"
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4FE1D508-6C10-4BCD-83EB-F72E37DD1747}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3D10B37-E8A3-4BC7-B6E6-9FC48AB53142}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69454518-C593-4092-B4C1-1B4ED5B6A0D6}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{A39CCA44-7B31-4DAB-AE50-F9B1296A54DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8B26D660-8EA4-42E1-B503-B68A69C3F24A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AB9AE779-5A32-4046-977D-74D5A7097B61}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{77CAD28F-02AD-4590-A131-67CC52B4F750}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{FB0900F9-5401-4CC1-8817-074D1B507BE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2A3E451A-F787-4C12-8A2F-FC1F92D28325}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe

==================== Restore Points =========================

07-05-2016 15:47:40 Revo Uninstaller Pro's restore point - HiSuite
11-05-2016 21:16:15 Windows Update
19-05-2016 11:05:45 Revo Uninstaller Pro's restore point - Microsoft Office Professional Plus 2013
19-05-2016 11:06:22 Removed Microsoft Office Professional Plus 2013

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/20/2016 12:51:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAL-DESKTOP)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/20/2016 12:51:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LockApp.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 60c

Čas spuštění: 01d1b27aee700c92

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

ID hlášení: c24aec95-1e78-11e6-b533-642737f90606

Úplný název balíčku s chybou: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: WindowsDefaultLockScreen

Error: (05/20/2016 08:38:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.10586.0, časové razítko: 0x5632d7ba
Název chybujícího modulu: ESENT.dll, verze: 10.0.10586.212, časové razítko: 0x56fa1686
Kód výjimky: 0xc0000602
Posun chyby: 0x000000000022885f
ID chybujícího procesu: 0xa28
Čas spuštění chybující aplikace: 0xsvchost.exe0
Cesta k chybující aplikaci: svchost.exe1
Cesta k chybujícímu modulu: svchost.exe2
ID zprávy: svchost.exe3
Úplný název chybujícího balíčku: svchost.exe4
ID aplikace související s chybujícím balíčkem: svchost.exe5

Error: (05/20/2016 08:38:01 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2600) Proces se ukončuje kvůli neopravitelnému selhání: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS).

Error: (05/20/2016 07:56:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MICHAL-DESKTOP)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/20/2016 07:56:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LockApp.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1864

Čas spuštění: 01d1b25be5781494

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

ID hlášení: 9ed9f852-1e4f-11e6-b531-e0db55d13873

Úplný název balíčku s chybou: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: WindowsDefaultLockScreen

Error: (05/20/2016 07:53:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: MICHAL-DESKTOP)
Description: Aplikace Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen se nespustila ve stanovenou dobu.

Error: (05/20/2016 06:56:24 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (05/19/2016 02:03:53 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/19/2016 01:52:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem Nezdařila se fáze obnovení..

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
Vypínání indexovacího modulu (HRESULT : 0x80040d23) (0x80040d23)


System errors:
=============
Error: (05/20/2016 11:35:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (05/20/2016 09:35:28 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech DPPassFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (05/20/2016 09:33:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_3d2ba byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (05/20/2016 09:33:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_3d2ba byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (05/20/2016 09:33:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_3d2ba byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (05/20/2016 09:33:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_3d2ba byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (05/20/2016 09:33:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (05/20/2016 08:48:04 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys

Error: (05/20/2016 08:40:19 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech DPPassFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (05/20/2016 08:38:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bluetooth Service neuspěla při spuštění v důsledku následující chyby:
%%109


CodeIntegrity:
===================================
Date: 2016-05-19 13:54:00.557
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-19 13:47:22.423
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-19 11:13:23.214
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-18 03:57:29.052
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-16 20:20:37.087
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-16 19:53:54.200
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-16 19:52:20.015
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-14 07:12:12.098
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-13 01:26:23.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-12 01:25:46.279
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 40%
Total physical RAM: 8067.35 MB
Available physical RAM: 4811.89 MB
Total Virtual: 9347.35 MB
Available Virtual: 5815.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.15 GB) (Free:531.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D666A74B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Pomalý start, pomalé vypínání (restart) Win 10

#7 Příspěvek od altrok »

  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-10-21] (ZONER software)
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\MountPoints2: {fe99404f-1402-11e6-b51d-e0db55d13873} - "E:\autorun.exe"
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\MountPoints2: {fe9941f7-1402-11e6-b51d-e0db55d13873} - "E:\autorun.exe" 
2016-05-20 09:26 - 2016-05-20 09:26 - 04669119 _____ C:\Users\Michal\Downloads\CrystalDiskInfo6_7_5.zip
2016-05-19 06:47 - 2016-05-19 06:47 - 00000000 ____D C:\rsit
2016-05-19 06:24 - 2016-05-20 08:37 - 00000000 ____D C:\AdwCleaner
Folder: C:\Users\Michal\AppData\Local\CrashDumps
2016-05-19 10:55 - 2016-01-31 21:42 - 00000000 ____D C:\Program Files\trend micro
File: C:\Windows\SECOH-QAD.exe
Task: {1BE3BF24-FE63-493F-9BE5-427A3E4E9A51} - System32\Tasks\{F698A910-7471-4EF3-AC26-4733B19810C5} => pcalua.exe -a D:\OV_Genomika.exe -d D:\
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Mitn
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 26 pro 2005 11:42

Re: Pomalý start, pomalé vypínání (restart) Win 10

#8 Příspěvek od Mitn »

ix result of Farbar Recovery Scan Tool (x64) Version:19-05-2016
Ran by Michal (2016-05-20 13:25:42) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-10-21] (ZONER software)
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\MountPoints2: {fe99404f-1402-11e6-b51d-e0db55d13873} - "E:\autorun.exe"
HKU\S-1-5-21-499199583-512687402-1678617887-1001\...\MountPoints2: {fe9941f7-1402-11e6-b51d-e0db55d13873} - "E:\autorun.exe"
2016-05-20 09:26 - 2016-05-20 09:26 - 04669119 _____ C:\Users\Michal\Downloads\CrystalDiskInfo6_7_5.zip
2016-05-19 06:47 - 2016-05-19 06:47 - 00000000 ____D C:\rsit
2016-05-19 06:24 - 2016-05-20 08:37 - 00000000 ____D C:\AdwCleaner
Folder: C:\Users\Michal\AppData\Local\CrashDumps
2016-05-19 10:55 - 2016-01-31 21:42 - 00000000 ____D C:\Program Files\trend micro
File: C:\Windows\SECOH-QAD.exe
Task: {1BE3BF24-FE63-493F-9BE5-427A3E4E9A51} - System32\Tasks\{F698A910-7471-4EF3-AC26-4733B19810C5} => pcalua.exe -a D:\OV_Genomika.exe -d D:\
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-499199583-512687402-1678617887-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
"HKU\S-1-5-21-499199583-512687402-1678617887-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe99404f-1402-11e6-b51d-e0db55d13873}" => key removed successfully
HKCR\CLSID\{fe99404f-1402-11e6-b51d-e0db55d13873} => key not found.
"HKU\S-1-5-21-499199583-512687402-1678617887-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe9941f7-1402-11e6-b51d-e0db55d13873}" => key removed successfully
HKCR\CLSID\{fe9941f7-1402-11e6-b51d-e0db55d13873} => key not found.
C:\Users\Michal\Downloads\CrystalDiskInfo6_7_5.zip => moved successfully
C:\rsit => moved successfully
C:\AdwCleaner => moved successfully

========================= Folder: C:\Users\Michal\AppData\Local\CrashDumps ========================


====== End of Folder: ======

C:\Program Files\trend micro => moved successfully

========================= File: C:\Windows\SECOH-QAD.exe ========================

====== End of File: ======

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BE3BF24-FE63-493F-9BE5-427A3E4E9A51}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BE3BF24-FE63-493F-9BE5-427A3E4E9A51}" => key removed successfully
C:\Windows\System32\Tasks\{F698A910-7471-4EF3-AC26-4733B19810C5} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F698A910-7471-4EF3-AC26-4733B19810C5}" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 2.9 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 13:27:21 ====
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7317
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Pomalý start, pomalé vypínání (restart) Win 10

#9 Příspěvek od altrok »

Ted by se melo nacitani zrychlit (prvni restart jeste ne, ale ty dalsi by mely jit znat). Malware v PC nebyl, ale procistili jsme docasne adresare (cache, tempy, etc.).

Poradne vyzkousejte chovani PC a dejte pak vedet, jak se chova, pripadne jake jsou dalsi problemy.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“