VIRY.CZ

Logfile of random's system information tool 1.14 (written by random/random)
Run by Martin Janoušek at 2017-01-01 13:25:48
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 430 GB (62%) free of 699 GB
Total RAM: 8105 MB (60% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:26:59, on 1.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Users\Martin Janoušek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files\trend micro\Martin Janoušek_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [BingSvc] C:\Users\Martin Janoušek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Služba HP Trust Circles (CreoService) - CryptoMill Technologies Ltd. - C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Auditování/zamknutí zařízení nástroje HP (FLCDLOCK) - Hewlett-Packard Company - C:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17002 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\atiesrxx.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 30147328
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
\??\C:\Windows\system32\conhost.exe "-1948762297-299035321197229672512369285715179376519447536272003304383321218135
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Users\Martin Janoušek\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\Program Files\COMODO\GeekBuddy\unit.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
C:\Windows\splwow64.exe 8192
"C:\Windows\SysWOW64\RunDll32.exe" "c:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x200
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8364 --on-initialized-event-handle=664 --parent-handle=668 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Control6/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Control/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_39/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=F16EDFE4BBFA70B3A0E2CBA342B485E9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=F16EDFE4BBFA70B3A0E2CBA342B485E9 --mojo-platform-channel-handle=3944 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 884 888 896 65536 892
"C:\Users\Martin Janoušek\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForMartin Janoušek.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMartin Janoušek (null)
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\HPCeeScheduleForMartin Janoušek - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMartin Janoušek (null)
C:\Windows\system32\tasks\Registration - "C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe" Registration ShowMessageTask2D
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\tasks\{627CFF76-A4D5-4EEE-85A1-B04D807D1F15} - C:\Windows\system32\pcalua.exe -a "C:\Users\Martin Janoušek\Downloads\SetupDWGTrueView2014_ENU_32bit.sfx.exe" -d "C:\Users\Martin Janoušek\Downloads"
C:\Windows\system32\tasks\{C4077172-0F59-47C6-980A-7F417144A1A8} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.2.0.103/cs/a ... age=tsBing
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1578652401-2311361242-3955085527-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport
C:\Windows\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}

=========Google Chrome=========

C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cmaiofennmphjldldcpphcechfnnohja 0 PrivDog 2.2.0.14
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.6
Extension ffjcmnpnoopgilmnfhloocdcbnimmmea 0 Elite Unzip 12.10.6.15045
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.2.15747.10003
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension ncffjdbbodifgldkcbhmiiljfcnbgjab 0 HP Client Security Manager 1.3.0.5833
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab]
"Path"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... c=CMNTDFJS


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... c=CMNTDFJS

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04 214216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-12-04 683720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04 2888904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-04 442568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19 414920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2016-03-20 8641536]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-06-05 1703424]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-20 36352]
""= []
"CryptoMill Refresh"=C:\Program Files\Hewlett-Packard\HP Trust Circles\ceflauncher -m refresh []
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2015-12-10 2726728]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-05-02 3937448]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-11-29 6623112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Martin Janoušek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-13 144008]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-11-15 27219928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"=C:\Windows\system32\cmd.exe [2010-11-21 345088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2015-05-25 296216]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-06-24 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-05-16 336672]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2015-07-01 96056]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2015-08-03 2213592]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2015-11-16 191200]
""= []
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2015-11-18 127528]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2015-12-10 1185112]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2016-09-22 1193728]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2016-03-29 2485944]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2017-01-01 13:25:48 ----D---- C:\rsit
2017-01-01 13:25:48 ----D---- C:\Program Files\trend micro
2016-12-27 19:29:28 ----A---- C:\Windows\system32\mshtml.dll
2016-12-27 19:29:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-12-27 19:29:26 ----A---- C:\Windows\system32\ieframe.dll
2016-12-27 19:29:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-12-27 19:29:24 ----A---- C:\Windows\system32\jscript9.dll
2016-12-27 19:29:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-12-27 19:29:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-12-27 19:29:22 ----A---- C:\Windows\system32\wininet.dll
2016-12-27 19:29:22 ----A---- C:\Windows\system32\win32k.sys
2016-12-27 19:29:21 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-12-27 19:29:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-12-27 19:29:21 ----A---- C:\Windows\system32\winload.exe
2016-12-27 19:29:21 ----A---- C:\Windows\system32\msi.dll
2016-12-27 19:29:21 ----A---- C:\Windows\system32\drivers\cng.sys
2016-12-27 19:29:21 ----A---- C:\Windows\system32\crypt32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\wintrust.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\usp10.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\user32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\iedkcs32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\gdi32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\consent.exe
2016-12-27 19:29:20 ----A---- C:\Windows\system32\clfs.sys
2016-12-27 19:29:20 ----A---- C:\Windows\system32\bcrypt.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\bcdedit.exe
2016-12-27 19:29:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-12-27 19:29:17 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-12-27 19:29:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-12-27 19:29:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-12-27 19:29:17 ----A---- C:\Windows\system32\ntdll.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\urlmon.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\nlsbres.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\hlink.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-12-27 19:29:16 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-12-27 19:29:16 ----A---- C:\Windows\system32\certcli.dll
2016-12-27 19:29:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\vbscript.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\msfeeds.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\jscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-12-27 19:29:14 ----A---- C:\Windows\system32\iertutil.dll
2016-12-27 19:29:13 ----A---- C:\Windows\system32\rpcrt4.dll
2016-12-27 19:29:13 ----A---- C:\Windows\system32\ieapfltr.dll
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-12-27 19:29:12 ----A---- C:\Windows\system32\msiexec.exe
2016-12-27 19:29:12 ----A---- C:\Windows\system32\ieui.dll
2016-12-27 19:29:12 ----A---- C:\Windows\system32\authui.dll
2016-12-27 19:29:11 ----A---- C:\Windows\system32\msihnd.dll
2016-12-27 19:29:11 ----A---- C:\Windows\system32\lsasrv.dll
2016-12-27 19:29:10 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\webcheck.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\smss.exe
2016-12-27 19:29:10 ----A---- C:\Windows\system32\mshtmled.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\dxtrans.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\dxtmsft.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\msrating.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\kerberos.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\jscript9diag.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-12-27 19:29:08 ----A---- C:\Windows\system32\advapi32.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\occache.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\kernel32.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\cryptsvc.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\schannel.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-27 19:29:06 ----A---- C:\Windows\system32\jsproxy.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\inseng.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\ieUnatt.exe
2016-12-27 19:29:06 ----A---- C:\Windows\system32\cryptnet.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\appinfo.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\wow64win.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\winsrv.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\ncrypt.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\msv1_0.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\KernelBase.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\wow64.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\wdigest.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\TSpkg.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\sspicli.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\srcore.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\rpchttp.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\iesetup.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\iernonce.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-12-27 19:29:04 ----A---- C:\Windows\system32\ie4uinit.exe
2016-12-27 19:29:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-12-27 19:29:04 ----A---- C:\Windows\system32\drivers\appid.sys
2016-12-27 19:29:04 ----A---- C:\Windows\system32\csrsrv.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\conhost.exe
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\wow64cpu.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\sspisrv.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\srclient.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\secur32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\rstrui.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\ntvdm64.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\lsass.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\cryptbase.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\credssp.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\auditpol.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidsvc.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidapi.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\user.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\msimsg.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\apisetschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\adtschema.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\tzres.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\msobjs.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\msaudite.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-12-21 08:05:53 ----SHD---- C:\Config.Msi
2016-12-19 08:40:15 ----D---- C:\AMD

======List of files/folders modified in the last 1 month======

2017-01-01 13:26:21 ----D---- C:\Users\Martin Janoušek\AppData\Roaming\Skype
2017-01-01 13:26:01 ----D---- C:\Windows\Prefetch
2017-01-01 13:25:53 ----D---- C:\Windows\Temp
2017-01-01 13:25:48 ----RD---- C:\Program Files
2017-01-01 12:35:53 ----SHD---- C:\System Volume Information
2017-01-01 12:15:56 ----D---- C:\Windows\system32\config
2017-01-01 10:29:11 ----D---- C:\Windows\System32
2017-01-01 10:29:11 ----D---- C:\Windows\inf
2017-01-01 10:29:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-01 10:18:09 ----D---- C:\ProgramData\PDFC
2017-01-01 10:16:54 ----AD---- C:\Windows
2016-12-31 21:04:58 ----D---- C:\Windows\rescache
2016-12-31 20:29:38 ----D---- C:\Windows\Microsoft.NET
2016-12-31 12:27:17 ----SHD---- C:\Windows\Installer
2016-12-31 12:27:05 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-12-31 12:24:14 ----D---- C:\Program Files (x86)\Common Files
2016-12-31 12:21:30 ----D---- C:\Program Files (x86)\Microsoft Office
2016-12-28 17:20:25 ----D---- C:\Windows\system32\MRT
2016-12-28 17:20:25 ----D---- C:\Windows\debug
2016-12-28 17:20:04 ----AC---- C:\Windows\system32\MRT.exe
2016-12-28 16:14:13 ----RSD---- C:\Windows\assembly
2016-12-28 08:42:21 ----D---- C:\Windows\winsxs
2016-12-28 08:37:46 ----D---- C:\Windows\system32\catroot
2016-12-28 08:36:56 ----D---- C:\Program Files\Internet Explorer
2016-12-28 08:36:55 ----D---- C:\Program Files (x86)\Internet Explorer
2016-12-28 08:36:53 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-12-28 08:36:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-12-28 08:36:52 ----D---- C:\Windows\SYSWOW64\en-US
2016-12-28 08:36:51 ----D---- C:\Windows\SysWOW64
2016-12-28 08:36:46 ----D---- C:\Windows\system32\drivers
2016-12-28 08:36:45 ----D---- C:\Windows\system32\sk-SK
2016-12-28 08:36:44 ----D---- C:\Windows\system32\cs-CZ
2016-12-28 08:36:43 ----D---- C:\Windows\system32\en-US
2016-12-28 08:36:37 ----D---- C:\Windows\AppPatch
2016-12-28 08:36:32 ----D---- C:\Windows\system32\Boot
2016-12-28 08:33:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-12-28 03:47:59 ----D---- C:\Windows\system32\LogFiles
2016-12-27 19:32:06 ----D---- C:\Program Files (x86)
2016-12-27 19:31:57 ----D---- C:\Windows\Tasks
2016-12-27 18:57:58 ----D---- C:\Windows\system32\catroot2
2016-12-27 18:50:06 ----D---- C:\Windows\system32\wfp
2016-12-27 18:49:57 ----D---- C:\Windows\system32\wbem
2016-12-27 18:47:04 ----D---- C:\Windows\system32\DriverStore
2016-12-27 18:46:44 ----D---- C:\Windows\system32\Tasks
2016-12-27 18:46:43 ----D---- C:\Windows\system32\NDF
2016-12-27 18:46:40 ----D---- C:\Windows\system32\drivers\UMDF
2016-12-27 18:46:40 ----D---- C:\Windows\system32\CodeIntegrity
2016-12-27 18:46:38 ----D---- C:\Windows\servicing
2016-12-27 18:45:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-12-27 18:44:56 ----D---- C:\Program Files\AMD
2016-12-27 18:44:37 ----D---- C:\Program Files (x86)\AMD AVT
2016-12-27 18:44:37 ----D---- C:\Program Files (x86)\AMD
2016-12-27 18:42:52 ----D---- C:\Windows\registration
2016-12-27 18:11:30 ----D---- C:\Windows\SoftwareDistribution
2016-12-21 08:06:00 ----D---- C:\ProgramData\AMD
2016-12-14 09:04:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-12-14 09:03:58 ----D---- C:\Windows\system32\Macromed
2016-12-14 09:03:51 ----D---- C:\Windows\SYSWOW64\Macromed
2016-12-10 14:13:19 ----D---- C:\Windows\system32\wdi
2016-12-02 09:58:03 ----D---- C:\ProgramData\CanonIJPLM

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2016-11-29 69320]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2015-11-18 31880]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-07-20 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-07-20 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2015-05-25 22800]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2015-11-19 56864]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2015-11-19 232480]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2015-11-19 138272]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2016-02-24 37976]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\Windows\system32\DRIVERS\hmd.sys [2014-06-26 14888]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2014-05-07 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2015-11-18 44680]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-09-24 165688]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2016-03-20 23800]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2016-03-20 7884536]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-10-29 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-03 598808]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-01 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\drivers\btwrchid.sys [2012-03-06 21544]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2016-07-18 502256]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2013-11-19 26936]
R3 IceKore;IceKore; C:\Windows\system32\DRIVERS\IceKore.sys [2015-08-03 411608]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-05-25 455440]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2015-05-25 390416]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-05-25 799504]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-11-10 100312]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-05-02 33960]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2015-08-03 1513208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2014-06-05 551936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2016-05-02 612008]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-04-13 147904]
R3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-10-29 19968]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-11-29 26713600]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-11-29 517512]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-10-29 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-09-26 4932072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-07-07 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2013-09-04 30448]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-11-10 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-11-29 286088]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-12-07 1005944]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-12-30 3698888]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2016-11-09 76944]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-27 5817256]
R2 CreoService;Služba HP Trust Circles; C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [2015-08-03 1927128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2013-08-14 7168]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-09-18 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-09-18 298760]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-02-10 500048]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2016-10-02 2272904]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2016-03-29 2485944]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2014-04-10 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2015-08-03 1758936]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2014-05-16 683296]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2015-11-18 44680]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-08-27 29728]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-20 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-09-26 344184]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-11-10 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-11-10 390616]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2016-09-22 1719040]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-06-05 340480]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-05-02 237736]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2015-08-03 3221392]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2015-11-16 1527520]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-11-25 1102472]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-28 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-28 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-28 51384]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-27 2271928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-09-26 279160]
S3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP; C:\Windows\SysWOW64\flcdlock.exe [2014-04-10 567608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-12-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-12-03 209088]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-06-02 5132888]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2015-04-17 1771560]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2015-04-17 861736]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v6.041 - Log vytvořen 01/01/2017 v 19:52:04
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2016-12-30.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Martin Janoušek - MARTINJANOUSEK
# Spuštěno z : C:\Users\Martin Janoušek\Desktop\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\Martin Janoušek\AppData\Local\AdTrustMedia
[-] Složka smazána: C:\Users\Martin Janoušek\AppData\Roaming\AdTrustMedia
[-] Složka smazána: C:\Users\Martin Janoušek\AppData\Roaming\OpenCandy
[-] Složka smazána: C:\Program Files\AdTrustMedia
[-] Složka smazána: C:\ProgramData\AdTrustMedia
[#] Složka smazána po restartu: C:\ProgramData\Application Data\AdTrustMedia
[-] Složka smazána: C:\Program Files (x86)\AdTrustMedia
[-] Složka smazána: C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea


***** [ Soubory ] *****

[-] Soubor smazán: C:\Windows\SysNative\LavasoftTcpService64.dll
[-] Soubor smazán: C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] Soubor smazán: C:\prefs.js
[-] Soubor smazán: C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ffjcmnpnoopgilmnfhloocdcbnimmmea_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
[-] Klíč smazán: HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Klíč smazán: HKU\S-1-5-21-1578652401-2311361242-3955085527-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
[-] Klíč smazán: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Klíč smazán po restartu: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Prohlížeče ] *****

[-] [C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: cmaiofennmphjldldcpphcechfnnohja
[-] [C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: ffjcmnpnoopgilmnfhloocdcbnimmmea


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2993 Bajty] - [01/01/2017 19:52:04]
C:\AdwCleaner\AdwCleaner[S0].txt - [3308 Bajty] - [01/01/2017 19:50:58]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3139 Bajty] ##########

A ještě jednu věc jsem zapomněl. Po spuštění se objeví tato hláška

Dejte nový log RSIT. Hláška se týká aplikace Accelerometr, který k chodu systému není třeba. Buď ho odinstalujte, nebo přeinstalujte.

Logfile of random's system information tool 1.14 (written by random/random)
Run by Martin Janoušek at 2017-01-01 21:40:27
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 421 GB (60%) free of 699 GB
Total RAM: 8105 MB (61% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:40:34, on 1.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Users\Martin Janoušek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Windows\SysWOW64\RunDll32.exe
c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Martin Janoušek_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [BingSvc] C:\Users\Martin Janoušek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Služba HP Trust Circles (CreoService) - CryptoMill Technologies Ltd. - C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Auditování/zamknutí zařízení nástroje HP (FLCDLOCK) - Hewlett-Packard Company - C:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17002 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\atiesrxx.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 29934848
\??\C:\Windows\system32\conhost.exe "-1301788613198127558-1925907327-20185587676521640771987290612-925005906258093635
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Martin Janoušek\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "c:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Program Files\COMODO\GeekBuddy\unit.exe
"c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe"
C:\Windows\splwow64.exe 8192
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x200
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1300 --on-initialized-event-handle=664 --parent-handle=668 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Control6/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Control/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_39/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=5AAE3FA143D2B869C5648E1FC7E3DD46 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=5AAE3FA143D2B869C5648E1FC7E3DD46 --mojo-platform-channel-handle=4484 /prefetch:1
"C:\Users\Martin Janoušek\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForMartin Janoušek.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMartin Janoušek (null)
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\HPCeeScheduleForMartin Janoušek - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMartin Janoušek (null)
C:\Windows\system32\tasks\Registration - "C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe" Registration ShowMessageTask2D
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\tasks\{627CFF76-A4D5-4EEE-85A1-B04D807D1F15} - C:\Windows\system32\pcalua.exe -a "C:\Users\Martin Janoušek\Downloads\SetupDWGTrueView2014_ENU_32bit.sfx.exe" -d "C:\Users\Martin Janoušek\Downloads"
C:\Windows\system32\tasks\{C4077172-0F59-47C6-980A-7F417144A1A8} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.2.0.103/cs/a ... age=tsBing
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1578652401-2311361242-3955085527-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport
C:\Windows\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}

=========Google Chrome=========

C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.2.15747.10003
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension ncffjdbbodifgldkcbhmiiljfcnbgjab 0 HP Client Security Manager 1.3.0.5833
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab]
"Path"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... c=CMNTDFJS


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... c=CMNTDFJS

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04 214216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-12-04 683720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04 2888904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-04 442568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19 414920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2016-03-20 8641536]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-06-05 1703424]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-20 36352]
""= []
"CryptoMill Refresh"=C:\Program Files\Hewlett-Packard\HP Trust Circles\ceflauncher -m refresh []
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2015-12-10 2726728]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-05-02 3937448]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-11-29 6623112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Martin Janoušek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-13 144008]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-11-15 27219928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"=C:\Windows\system32\cmd.exe [2010-11-21 345088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2015-05-25 296216]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-06-24 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-05-16 336672]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2015-07-01 96056]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2015-08-03 2213592]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2015-11-16 191200]
""= []
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2015-11-18 127528]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2015-12-10 1185112]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2016-09-22 1193728]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2016-03-29 2485944]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2017-01-01 19:49:41 ----D---- C:\AdwCleaner
2017-01-01 13:25:48 ----D---- C:\rsit
2017-01-01 13:25:48 ----D---- C:\Program Files\trend micro
2016-12-27 19:29:28 ----A---- C:\Windows\system32\mshtml.dll
2016-12-27 19:29:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-12-27 19:29:26 ----A---- C:\Windows\system32\ieframe.dll
2016-12-27 19:29:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-12-27 19:29:24 ----A---- C:\Windows\system32\jscript9.dll
2016-12-27 19:29:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-12-27 19:29:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-12-27 19:29:22 ----A---- C:\Windows\system32\wininet.dll
2016-12-27 19:29:22 ----A---- C:\Windows\system32\win32k.sys
2016-12-27 19:29:21 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-12-27 19:29:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-12-27 19:29:21 ----A---- C:\Windows\system32\winload.exe
2016-12-27 19:29:21 ----A---- C:\Windows\system32\msi.dll
2016-12-27 19:29:21 ----A---- C:\Windows\system32\drivers\cng.sys
2016-12-27 19:29:21 ----A---- C:\Windows\system32\crypt32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\wintrust.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\usp10.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\user32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\iedkcs32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\gdi32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\consent.exe
2016-12-27 19:29:20 ----A---- C:\Windows\system32\clfs.sys
2016-12-27 19:29:20 ----A---- C:\Windows\system32\bcrypt.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\bcdedit.exe
2016-12-27 19:29:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-12-27 19:29:17 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-12-27 19:29:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-12-27 19:29:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-12-27 19:29:17 ----A---- C:\Windows\system32\ntdll.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\urlmon.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\nlsbres.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\hlink.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-12-27 19:29:16 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-12-27 19:29:16 ----A---- C:\Windows\system32\certcli.dll
2016-12-27 19:29:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\vbscript.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\msfeeds.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\jscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-12-27 19:29:14 ----A---- C:\Windows\system32\iertutil.dll
2016-12-27 19:29:13 ----A---- C:\Windows\system32\rpcrt4.dll
2016-12-27 19:29:13 ----A---- C:\Windows\system32\ieapfltr.dll
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-12-27 19:29:12 ----A---- C:\Windows\system32\msiexec.exe
2016-12-27 19:29:12 ----A---- C:\Windows\system32\ieui.dll
2016-12-27 19:29:12 ----A---- C:\Windows\system32\authui.dll
2016-12-27 19:29:11 ----A---- C:\Windows\system32\msihnd.dll
2016-12-27 19:29:11 ----A---- C:\Windows\system32\lsasrv.dll
2016-12-27 19:29:10 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\webcheck.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\smss.exe
2016-12-27 19:29:10 ----A---- C:\Windows\system32\mshtmled.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\dxtrans.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\dxtmsft.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\msrating.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\kerberos.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\jscript9diag.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-12-27 19:29:08 ----A---- C:\Windows\system32\advapi32.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\occache.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\kernel32.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\cryptsvc.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\schannel.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-27 19:29:06 ----A---- C:\Windows\system32\jsproxy.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\inseng.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\ieUnatt.exe
2016-12-27 19:29:06 ----A---- C:\Windows\system32\cryptnet.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\appinfo.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\wow64win.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\winsrv.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\ncrypt.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\msv1_0.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\KernelBase.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\wow64.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\wdigest.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\TSpkg.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\sspicli.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\srcore.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\rpchttp.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\iesetup.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\iernonce.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-12-27 19:29:04 ----A---- C:\Windows\system32\ie4uinit.exe
2016-12-27 19:29:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-12-27 19:29:04 ----A---- C:\Windows\system32\drivers\appid.sys
2016-12-27 19:29:04 ----A---- C:\Windows\system32\csrsrv.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\conhost.exe
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\wow64cpu.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\sspisrv.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\srclient.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\secur32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\rstrui.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\ntvdm64.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\lsass.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\cryptbase.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\credssp.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\auditpol.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidsvc.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidapi.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\user.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\msimsg.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\apisetschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\adtschema.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\tzres.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\msobjs.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\msaudite.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-12-21 08:05:53 ----SHD---- C:\Config.Msi
2016-12-19 08:40:15 ----D---- C:\AMD

======List of files/folders modified in the last 1 month======

2017-01-01 21:40:35 ----D---- C:\Windows\Prefetch
2017-01-01 21:40:16 ----D---- C:\Windows\Temp
2017-01-01 21:38:19 ----D---- C:\Users\Martin Janoušek\AppData\Roaming\Skype
2017-01-01 21:36:30 ----D---- C:\Windows\system32\config
2017-01-01 19:54:53 ----D---- C:\ProgramData\PDFC
2017-01-01 19:54:27 ----AD---- C:\Windows
2017-01-01 19:51:53 ----D---- C:\Windows\SysWOW64
2017-01-01 19:51:52 ----D---- C:\Windows\System32
2017-01-01 19:51:38 ----D---- C:\Program Files (x86)
2017-01-01 19:51:25 ----RD---- C:\Program Files
2017-01-01 19:51:25 ----HD---- C:\ProgramData
2017-01-01 17:24:42 ----SHD---- C:\System Volume Information
2017-01-01 14:38:42 ----D---- C:\ProgramData\CanonIJPLM
2017-01-01 10:29:11 ----D---- C:\Windows\inf
2017-01-01 10:29:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-31 21:04:58 ----D---- C:\Windows\rescache
2016-12-31 20:29:38 ----D---- C:\Windows\Microsoft.NET
2016-12-31 12:27:17 ----SHD---- C:\Windows\Installer
2016-12-31 12:27:05 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-12-31 12:24:14 ----D---- C:\Program Files (x86)\Common Files
2016-12-31 12:21:30 ----D---- C:\Program Files (x86)\Microsoft Office
2016-12-28 17:23:17 ----D---- C:\Windows\system32\MRT
2016-12-28 17:20:25 ----D---- C:\Windows\debug
2016-12-28 17:20:04 ----AC---- C:\Windows\system32\MRT.exe
2016-12-28 16:14:13 ----RSD---- C:\Windows\assembly
2016-12-28 08:42:21 ----D---- C:\Windows\winsxs
2016-12-28 08:37:46 ----D---- C:\Windows\system32\catroot
2016-12-28 08:36:56 ----D---- C:\Program Files\Internet Explorer
2016-12-28 08:36:55 ----D---- C:\Program Files (x86)\Internet Explorer
2016-12-28 08:36:53 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-12-28 08:36:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-12-28 08:36:52 ----D---- C:\Windows\SYSWOW64\en-US
2016-12-28 08:36:46 ----D---- C:\Windows\system32\drivers
2016-12-28 08:36:45 ----D---- C:\Windows\system32\sk-SK
2016-12-28 08:36:44 ----D---- C:\Windows\system32\cs-CZ
2016-12-28 08:36:43 ----D---- C:\Windows\system32\en-US
2016-12-28 08:36:37 ----D---- C:\Windows\AppPatch
2016-12-28 08:36:32 ----D---- C:\Windows\system32\Boot
2016-12-28 08:33:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-12-28 03:47:59 ----D---- C:\Windows\system32\LogFiles
2016-12-27 19:31:57 ----D---- C:\Windows\Tasks
2016-12-27 18:57:58 ----D---- C:\Windows\system32\catroot2
2016-12-27 18:50:06 ----D---- C:\Windows\system32\wfp
2016-12-27 18:49:57 ----D---- C:\Windows\system32\wbem
2016-12-27 18:47:04 ----D---- C:\Windows\system32\DriverStore
2016-12-27 18:46:44 ----D---- C:\Windows\system32\Tasks
2016-12-27 18:46:43 ----D---- C:\Windows\system32\NDF
2016-12-27 18:46:40 ----D---- C:\Windows\system32\drivers\UMDF
2016-12-27 18:46:40 ----D---- C:\Windows\system32\CodeIntegrity
2016-12-27 18:46:38 ----D---- C:\Windows\servicing
2016-12-27 18:45:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-12-27 18:44:56 ----D---- C:\Program Files\AMD
2016-12-27 18:44:37 ----D---- C:\Program Files (x86)\AMD AVT
2016-12-27 18:44:37 ----D---- C:\Program Files (x86)\AMD
2016-12-27 18:42:52 ----D---- C:\Windows\registration
2016-12-27 18:11:30 ----D---- C:\Windows\SoftwareDistribution
2016-12-21 08:06:00 ----D---- C:\ProgramData\AMD
2016-12-14 09:04:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-12-14 09:03:58 ----D---- C:\Windows\system32\Macromed
2016-12-14 09:03:51 ----D---- C:\Windows\SYSWOW64\Macromed
2016-12-10 14:13:19 ----D---- C:\Windows\system32\wdi

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2016-11-29 69320]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2015-11-18 31880]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-07-20 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-07-20 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2015-05-25 22800]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2015-11-19 56864]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2015-11-19 232480]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2015-11-19 138272]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2016-02-24 37976]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\Windows\system32\DRIVERS\hmd.sys [2014-06-26 14888]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2014-05-07 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2015-11-18 44680]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-09-24 165688]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2016-03-20 23800]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2016-03-20 7884536]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-10-29 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-03 598808]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-01 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\drivers\btwrchid.sys [2012-03-06 21544]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2016-07-18 502256]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2013-11-19 26936]
R3 IceKore;IceKore; C:\Windows\system32\DRIVERS\IceKore.sys [2015-08-03 411608]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-05-25 455440]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2015-05-25 390416]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-05-25 799504]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-11-10 100312]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-05-02 33960]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2015-08-03 1513208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2014-06-05 551936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2016-05-02 612008]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-04-13 147904]
R3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-10-29 19968]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-11-29 26713600]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-11-29 517512]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-10-29 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-09-26 4932072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-07-07 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2013-09-04 30448]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-11-10 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-11-29 286088]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-12-07 1005944]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-12-30 3698888]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2016-11-09 76944]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-27 5817256]
R2 CreoService;Služba HP Trust Circles; C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [2015-08-03 1927128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2013-08-14 7168]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-09-18 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-09-18 298760]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-02-10 500048]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2016-10-02 2272904]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2016-03-29 2485944]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2014-04-10 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2015-08-03 1758936]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2014-05-16 683296]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2015-11-18 44680]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-08-27 29728]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-20 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-09-26 344184]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-11-10 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-11-10 390616]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2016-09-22 1719040]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-06-05 340480]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-05-02 237736]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2015-08-03 3221392]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2015-11-16 1527520]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-11-25 1102472]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-28 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-28 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-28 51384]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-27 2271928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-09-26 279160]
S3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP; C:\Windows\SysWOW64\flcdlock.exe [2014-04-10 567608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-12-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-12-03 209088]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-06-02 5132888]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2015-04-17 1771560]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2015-04-17 861736]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\Bonjour
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]/64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=-

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

All processes killed
========== FILES ==========
C:\Program Files\Bonjour folder moved successfully.
File/Folder C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore not found.
File/Folder C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc deleted successfully.
========== SERVICES/DRIVERS ==========
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Martin Janoušek
->Temp folder emptied: 11671217 bytes
->Temporary Internet Files folder emptied: 45591313 bytes
->Google Chrome cache emptied: 177695699 bytes
->Flash cache emptied: 757 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37292471 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46916 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 22439106460 bytes

Total Files Cleaned = 21 659,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Martin Janoušek
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 01012017_224308

Files moved on Reboot...
File C:\Users\Martin Janoušek\AppData\Local\Temp\etilqs_5tbvcr9Aoi2YIJP not found!
File C:\Users\Martin Janoušek\AppData\Local\Temp\etilqs_fadgnZUaY9hGnk1 not found!
C:\Users\Martin Janoušek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Martin Janoušek\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
C:\Windows\temp\HP Support Framework\HPSF_Config1.dll moved successfully.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
C:\Windows\temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\FXSTIFFDebugLogFile.txt moved successfully.
C:\Windows\temp\MARTINJANOUSEK-20170101-1953.log moved successfully.
File C:\Windows\temp\officeclicktorun.exe_streamserver(20170101195355A74).log not found!
File C:\Windows\temp\TMP000003560C0652668D837CA8 not found!
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Logfile of random's system information tool 1.14 (written by random/random)
Run by Martin Janoušek at 2017-01-01 22:53:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 442 GB (63%) free of 699 GB
Total RAM: 8105 MB (58% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:53:20, on 1.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Windows\SysWOW64\RunDll32.exe
c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Martin Janoušek_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Služba HP Trust Circles (CreoService) - CryptoMill Technologies Ltd. - C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Auditování/zamknutí zařízení nástroje HP (FLCDLOCK) - Hewlett-Packard Company - C:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16744 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\atiesrxx.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\Windows\system32\WLANExt.exe 23102512
\??\C:\Windows\system32\conhost.exe "339643849498331325-15681620991501867287-604172124-21160935172110809628-749554125
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe"
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
C:\Program Files\COMODO\GeekBuddy\unit.exe
"C:\Windows\SysWOW64\RunDll32.exe" "c:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe"
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=55.0.2883.87 --handshake-handle=0x200
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7204 --on-initialized-event-handle=664 --parent-handle=668 /prefetch:6
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="*AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PointerEvent<PointerEvent,*PreconnectMore<PreconnectMore,*PreferHtmlOverPlugins<Html5ByDefault,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,ParseHTMLOnMainThread<ParseHTMLOnMainThread,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/AutofillCreditCardSigninPromo/Default/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Control6/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/*Html5ByDefault/Default/*InstanceID/Enabled/MaterialDesignDownloads/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Default/*SiteIsolationExtensions/Control/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Control/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_39/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_13/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=70924670F8CCC95C1060389AC1427553 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --service-request-channel-token=70924670F8CCC95C1060389AC1427553 --mojo-platform-channel-handle=2736 /prefetch:1
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Users\Martin Janoušek\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForMartin Janoušek.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMartin Janoušek (null)
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\HPCeeScheduleForMartin Janoušek - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMartin Janoušek (null)
C:\Windows\system32\tasks\Registration - "C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe" Registration ShowMessageTask2D
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\tasks\{627CFF76-A4D5-4EEE-85A1-B04D807D1F15} - C:\Windows\system32\pcalua.exe -a "C:\Users\Martin Janoušek\Downloads\SetupDWGTrueView2014_ENU_32bit.sfx.exe" -d "C:\Users\Martin Janoušek\Downloads"
C:\Windows\system32\tasks\{C4077172-0F59-47C6-980A-7F417144A1A8} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.2.0.103/cs/a ... age=tsBing
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1578652401-2311361242-3955085527-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\Windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\Windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport
C:\Windows\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA
C:\Windows\system32\tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - "C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {0FB77674-7905-4F34-A362-C5A9A26F8CF9}
C:\Windows\system32\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {F140D794-60B6-4F00-9235-D6457AA25B22}
C:\Windows\system32\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
C:\Windows\system32\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - "C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe" --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}

=========Google Chrome=========

C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.2.15747.10003
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension ncffjdbbodifgldkcbhmiiljfcnbgjab 0 HP Client Security Manager 1.3.0.5833
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Martin Janoušek\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab]
"Path"=C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... c=CMNTDFJS


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04 214216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-12-04 683720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04 2888904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-04 442568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19 414920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2016-03-20 8641536]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-06-05 1703424]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-20 36352]
""= []
"CryptoMill Refresh"=C:\Program Files\Hewlett-Packard\HP Trust Circles\ceflauncher -m refresh []
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2015-12-10 2726728]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-05-02 3937448]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-11-29 6623112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-11-15 27219928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
"Uninstall C:\Users\Martin Janoušek\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"=C:\Windows\system32\cmd.exe [2010-11-21 345088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2015-05-25 296216]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-06-24 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-05-16 336672]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2015-07-01 96056]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2015-08-03 2213592]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2015-11-16 191200]
""= []
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2015-11-18 127528]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2015-12-10 1185112]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2016-09-22 1193728]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2016-03-29 2485944]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2017-01-01 22:43:08 ----D---- C:\_OTM
2017-01-01 19:49:41 ----D---- C:\AdwCleaner
2017-01-01 13:25:48 ----D---- C:\rsit
2017-01-01 13:25:48 ----D---- C:\Program Files\trend micro
2016-12-27 19:29:28 ----A---- C:\Windows\system32\mshtml.dll
2016-12-27 19:29:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-12-27 19:29:26 ----A---- C:\Windows\system32\ieframe.dll
2016-12-27 19:29:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-12-27 19:29:24 ----A---- C:\Windows\system32\jscript9.dll
2016-12-27 19:29:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-12-27 19:29:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-12-27 19:29:22 ----A---- C:\Windows\system32\wininet.dll
2016-12-27 19:29:22 ----A---- C:\Windows\system32\win32k.sys
2016-12-27 19:29:21 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-12-27 19:29:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-12-27 19:29:21 ----A---- C:\Windows\system32\winload.exe
2016-12-27 19:29:21 ----A---- C:\Windows\system32\msi.dll
2016-12-27 19:29:21 ----A---- C:\Windows\system32\drivers\cng.sys
2016-12-27 19:29:21 ----A---- C:\Windows\system32\crypt32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\wintrust.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\usp10.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\user32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\iedkcs32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\gdi32.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\consent.exe
2016-12-27 19:29:20 ----A---- C:\Windows\system32\clfs.sys
2016-12-27 19:29:20 ----A---- C:\Windows\system32\bcrypt.dll
2016-12-27 19:29:20 ----A---- C:\Windows\system32\bcdedit.exe
2016-12-27 19:29:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-12-27 19:29:17 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-12-27 19:29:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-12-27 19:29:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-12-27 19:29:17 ----A---- C:\Windows\system32\ntdll.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-12-27 19:29:16 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\urlmon.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\nlsbres.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\hlink.dll
2016-12-27 19:29:16 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-12-27 19:29:16 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-12-27 19:29:16 ----A---- C:\Windows\system32\certcli.dll
2016-12-27 19:29:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\vbscript.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\msfeeds.dll
2016-12-27 19:29:15 ----A---- C:\Windows\system32\jscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-12-27 19:29:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-12-27 19:29:14 ----A---- C:\Windows\system32\iertutil.dll
2016-12-27 19:29:13 ----A---- C:\Windows\system32\rpcrt4.dll
2016-12-27 19:29:13 ----A---- C:\Windows\system32\ieapfltr.dll
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-12-27 19:29:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-12-27 19:29:12 ----A---- C:\Windows\system32\msiexec.exe
2016-12-27 19:29:12 ----A---- C:\Windows\system32\ieui.dll
2016-12-27 19:29:12 ----A---- C:\Windows\system32\authui.dll
2016-12-27 19:29:11 ----A---- C:\Windows\system32\msihnd.dll
2016-12-27 19:29:11 ----A---- C:\Windows\system32\lsasrv.dll
2016-12-27 19:29:10 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\webcheck.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\smss.exe
2016-12-27 19:29:10 ----A---- C:\Windows\system32\mshtmled.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\dxtrans.dll
2016-12-27 19:29:10 ----A---- C:\Windows\system32\dxtmsft.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\msrating.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\kerberos.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\jscript9diag.dll
2016-12-27 19:29:08 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-12-27 19:29:08 ----A---- C:\Windows\system32\advapi32.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\occache.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\kernel32.dll
2016-12-27 19:29:07 ----A---- C:\Windows\system32\cryptsvc.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-12-27 19:29:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\schannel.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-27 19:29:06 ----A---- C:\Windows\system32\jsproxy.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\inseng.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\ieUnatt.exe
2016-12-27 19:29:06 ----A---- C:\Windows\system32\cryptnet.dll
2016-12-27 19:29:06 ----A---- C:\Windows\system32\appinfo.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-12-27 19:29:05 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\wow64win.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\winsrv.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\ncrypt.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\msv1_0.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\KernelBase.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-12-27 19:29:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-12-27 19:29:04 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\wow64.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\wdigest.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\TSpkg.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\sspicli.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\srcore.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\rpchttp.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\iesetup.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\iernonce.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-12-27 19:29:04 ----A---- C:\Windows\system32\ie4uinit.exe
2016-12-27 19:29:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-12-27 19:29:04 ----A---- C:\Windows\system32\drivers\appid.sys
2016-12-27 19:29:04 ----A---- C:\Windows\system32\csrsrv.dll
2016-12-27 19:29:04 ----A---- C:\Windows\system32\conhost.exe
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-27 19:29:03 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-12-27 19:29:03 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\wow64cpu.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\sspisrv.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\srclient.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\secur32.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\rstrui.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\ntvdm64.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\lsass.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\cryptbase.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\credssp.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\auditpol.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidsvc.dll
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-12-27 19:29:03 ----A---- C:\Windows\system32\appidapi.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-27 19:29:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\user.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\msimsg.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\apisetschema.dll
2016-12-27 19:29:02 ----A---- C:\Windows\system32\adtschema.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-12-27 19:29:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\tzres.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\msobjs.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\msaudite.dll
2016-12-27 19:29:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-12-21 08:05:53 ----SHD---- C:\Config.Msi
2016-12-19 08:40:15 ----D---- C:\AMD

======List of files/folders modified in the last 1 month======

2017-01-01 22:53:17 ----D---- C:\Windows\Temp
2017-01-01 22:52:01 ----D---- C:\Users\Martin Janoušek\AppData\Roaming\Skype
2017-01-01 22:51:14 ----D---- C:\Windows\Prefetch
2017-01-01 22:48:43 ----D---- C:\Windows\system32\config
2017-01-01 22:48:35 ----D---- C:\ProgramData\PDFC
2017-01-01 22:47:53 ----AD---- C:\Windows
2017-01-01 22:43:10 ----RD---- C:\Program Files
2017-01-01 19:51:53 ----D---- C:\Windows\SysWOW64
2017-01-01 19:51:52 ----D---- C:\Windows\System32
2017-01-01 19:51:38 ----D---- C:\Program Files (x86)
2017-01-01 19:51:25 ----HD---- C:\ProgramData
2017-01-01 17:24:42 ----SHD---- C:\System Volume Information
2017-01-01 14:38:42 ----D---- C:\ProgramData\CanonIJPLM
2017-01-01 10:29:11 ----D---- C:\Windows\inf
2017-01-01 10:29:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-12-31 21:04:58 ----D---- C:\Windows\rescache
2016-12-31 20:29:38 ----D---- C:\Windows\Microsoft.NET
2016-12-31 12:27:17 ----SHD---- C:\Windows\Installer
2016-12-31 12:27:05 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-12-31 12:24:14 ----D---- C:\Program Files (x86)\Common Files
2016-12-31 12:21:30 ----D---- C:\Program Files (x86)\Microsoft Office
2016-12-28 17:23:17 ----D---- C:\Windows\system32\MRT
2016-12-28 17:20:25 ----D---- C:\Windows\debug
2016-12-28 17:20:04 ----AC---- C:\Windows\system32\MRT.exe
2016-12-28 16:14:13 ----RSD---- C:\Windows\assembly
2016-12-28 08:42:21 ----D---- C:\Windows\winsxs
2016-12-28 08:37:46 ----D---- C:\Windows\system32\catroot
2016-12-28 08:36:56 ----D---- C:\Program Files\Internet Explorer
2016-12-28 08:36:55 ----D---- C:\Program Files (x86)\Internet Explorer
2016-12-28 08:36:53 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-12-28 08:36:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-12-28 08:36:52 ----D---- C:\Windows\SYSWOW64\en-US
2016-12-28 08:36:46 ----D---- C:\Windows\system32\drivers
2016-12-28 08:36:45 ----D---- C:\Windows\system32\sk-SK
2016-12-28 08:36:44 ----D---- C:\Windows\system32\cs-CZ
2016-12-28 08:36:43 ----D---- C:\Windows\system32\en-US
2016-12-28 08:36:37 ----D---- C:\Windows\AppPatch
2016-12-28 08:36:32 ----D---- C:\Windows\system32\Boot
2016-12-28 08:33:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-12-28 03:47:59 ----D---- C:\Windows\system32\LogFiles
2016-12-27 19:31:57 ----D---- C:\Windows\Tasks
2016-12-27 18:57:58 ----D---- C:\Windows\system32\catroot2
2016-12-27 18:50:06 ----D---- C:\Windows\system32\wfp
2016-12-27 18:49:57 ----D---- C:\Windows\system32\wbem
2016-12-27 18:47:04 ----D---- C:\Windows\system32\DriverStore
2016-12-27 18:46:44 ----D---- C:\Windows\system32\Tasks
2016-12-27 18:46:43 ----D---- C:\Windows\system32\NDF
2016-12-27 18:46:40 ----D---- C:\Windows\system32\drivers\UMDF
2016-12-27 18:46:40 ----D---- C:\Windows\system32\CodeIntegrity
2016-12-27 18:46:38 ----D---- C:\Windows\servicing
2016-12-27 18:45:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-12-27 18:44:56 ----D---- C:\Program Files\AMD
2016-12-27 18:44:37 ----D---- C:\Program Files (x86)\AMD AVT
2016-12-27 18:44:37 ----D---- C:\Program Files (x86)\AMD
2016-12-27 18:42:52 ----D---- C:\Windows\registration
2016-12-27 18:11:30 ----D---- C:\Windows\SoftwareDistribution
2016-12-21 08:06:00 ----D---- C:\ProgramData\AMD
2016-12-14 09:04:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-12-14 09:03:58 ----D---- C:\Windows\system32\Macromed
2016-12-14 09:03:51 ----D---- C:\Windows\SYSWOW64\Macromed
2016-12-10 14:13:19 ----D---- C:\Windows\system32\wdi

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2016-11-29 69320]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2015-11-18 31880]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-07-20 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-07-20 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2015-05-25 22800]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2015-11-19 56864]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2015-11-19 232480]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2015-11-19 138272]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2016-02-24 37976]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\Windows\system32\DRIVERS\hmd.sys [2014-06-26 14888]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2014-05-07 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2015-11-18 44680]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-09-24 165688]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2016-03-20 23800]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2016-03-20 7884536]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-10-29 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-03 598808]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-01 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\drivers\btwrchid.sys [2012-03-06 21544]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2016-07-18 502256]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2013-11-19 26936]
R3 IceKore;IceKore; C:\Windows\system32\DRIVERS\IceKore.sys [2015-08-03 411608]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-05-25 455440]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2015-05-25 390416]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-05-25 799504]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-11-10 100312]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-05-02 33960]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2015-08-03 1513208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2014-06-05 551936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2016-05-02 612008]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-04-13 147904]
R3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-10-29 19968]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-11-29 26713600]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-11-29 517512]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-10-29 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-09-26 4932072]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-07-07 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2013-09-04 30448]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-11-10 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-11-29 286088]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-12-07 1005944]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-12-30 3698888]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2016-11-09 76944]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-27 5817256]
R2 CreoService;Služba HP Trust Circles; C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [2015-08-03 1927128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2013-08-14 7168]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-09-18 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-09-18 298760]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-02-10 500048]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2016-10-02 2272904]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2016-03-29 2485944]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2014-04-10 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2015-08-03 1758936]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2014-05-16 683296]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2015-11-18 44680]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-08-27 29728]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-20 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-09-26 344184]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-11-10 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-11-10 390616]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2016-09-22 1719040]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-06-05 340480]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-05-02 237736]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2015-08-03 3221392]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2015-11-16 1527520]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-11-25 1102472]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-28 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-28 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-28 51384]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-27 2271928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-09-26 279160]
S3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP; C:\Windows\SysWOW64\flcdlock.exe [2014-04-10 567608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-08 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-12-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-12-03 209088]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-06-02 5132888]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2015-04-17 1771560]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2015-04-17 861736]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-28 135848]

-----------------EOF-----------------

Smazáno. Nastala nějaká změna?

Ano. Zdá se mi to ok. Díky moc! Kde Vás můžu podpořit finančně?

Nemáte zač! Všechny možnosti podpory našeho fóra, najdete zde: http://forum.viry.cz/viewtopic.php?f=7&t=78175 . Nemáte zač!