mshta.exe

[Biggest]

Hezký den, prosím o pomoc.
Antivir hlásí problém s mshta.exe, což se objevilo několik dní po sobě či to bylo ještě na powershell.exe. Jméno hrozby: IDP.Generic fileless malware.
Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jakub at 2018-08-21 23:24:33
Microsoft Windows 10 Home
System drive C: has 133 GB (43%) free of 311 GB
Total RAM: 8104 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:24:35, on 21.08.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Windows\System32\TiltWheelMouse.exe
C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Jakub\AppData\Roaming\ICQ\bin\icq.exe
C:\Users\Jakub\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Users\Jakub\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\trend micro\Jakub.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=29530
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [icq.desktop] "C:\Users\Jakub\AppData\Roaming\ICQ\bin\icq.exe" /startup
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [HP DeskJet 5570 series (NET)] "C:\Program Files\HP\HP DeskJet 5570 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH64B2P0S00674:NW" -scfn "HP DeskJet 5570 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\Jakub\AppData\Local\Facebook\Games\FacebookGameroom.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12947 bytes

======Listing Processes======









c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a77f2f5d-9562-42e5-b5ca-a43d1c1c2215 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-017319e5-86cf-463e-ab83-02904e956149 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d5c0cbd4-63f1-4647-bde6-9f2a9d185e84 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-dd892cb8-ce20-44ff-a379-eaf15fd26cf1 -LifetimeId:e483ddb5-243d-4ae5-ab1a-e9ab4f5cd8ed -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
dashost.exe {0ea3b035-b2b5-4bec-94ff46fb7d237633}
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc

"C:\WINDOWS\system32\CxAudMsg64.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
atieclxx
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
igfxEM.exe
igfxHK.exe
C:\WINDOWS\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"ctfmon.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Jakub\AppData\Roaming\ICQ\bin\icq.exe" /startup
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\HP\HP DeskJet 5570 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH64B2P0S00674:NW" -scfn "HP DeskJet 5570 series (NET)" -AutoStart 1
"C:\Users\Jakub\AppData\Local\Facebook\Games\FacebookGameroom.exe" fbgames://windows_startup/
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end --restore-last-session
szndesktop.exe default start
"C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Jakub\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Jakub\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x84,0x8c,0x11c,0x7c,0x8,0x7ffd02af24d0,0x7ffd02af24e0,0x7ffd02af24f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9656 --on-initialized-event-handle=492 --parent-handle=688 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=38265707E7934502097619DE725D0993 --mojo-platform-channel-handle=1416 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
AvastUI.exe /nogui
C:\WINDOWS\splwow64.exe 8192
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=48D0BE122392B067D1F736A39CEF0D67 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=48D0BE122392B067D1F736A39CEF0D67 --renderer-client-id=3 --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=D3415EB6D1840C801618B213AD94110F --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=D3415EB6D1840C801618B213AD94110F --renderer-client-id=4 --mojo-platform-channel-handle=2456 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=F069C8544726673236C31C8A3EE9BCD5 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F069C8544726673236C31C8A3EE9BCD5 --renderer-client-id=5 --mojo-platform-channel-handle=2464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=852367C3588A8F83555F9CA243452160 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=852367C3588A8F83555F9CA243452160 --renderer-client-id=6 --mojo-platform-channel-handle=2472 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=90D13344CB13F3CEDC98BDB9D828FB31 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=90D13344CB13F3CEDC98BDB9D828FB31 --renderer-client-id=7 --mojo-platform-channel-handle=2480 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=FC75E08226933C8BAAAA4574A373DB08 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=FC75E08226933C8BAAAA4574A373DB08 --renderer-client-id=14 --mojo-platform-channel-handle=4552 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"Facebook Gameroom Browser.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Jakub\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 CanvasFrame/1.21.6697.19829 Safari/537.36 FacebookCanvasDesktop FBAN/GamesWindowsDesktopApp FBAV/1.21.6697.19829" --gpu-vendor-id=0x1002 --gpu-device-id=0x6604 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1050.0 --gpu-driver-date=6-30-2015 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0416 --amd-switchable --lang=en-US --log-file="C:\Users\Jakub\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 CanvasFrame/1.21.6697.19829 Safari/537.36 FacebookCanvasDesktop FBAN/GamesWindowsDesktopApp FBAV/1.21.6697.19829" --service-request-channel-token=3DBD8D9726467B3860D2CCABC1C564DC --mojo-platform-channel-handle=2460 /prefetch:2
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1807.2121.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE" /e
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=29537D984F3AE8DE4AC35EB420CCE1B3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=29537D984F3AE8DE4AC35EB420CCE1B3 --renderer-client-id=83 --mojo-platform-channel-handle=5516 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=5C4E69971AB22F6B8FF892C6365833FC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5C4E69971AB22F6B8FF892C6365833FC --renderer-client-id=92 --mojo-platform-channel-handle=12156 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1404,16121005445920629919,13510214579291475782,131072 --service-pipe-token=E72A7013334E4B1643E75B71B3F53A99 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=E72A7013334E4B1643E75B71B3F53A99 --renderer-client-id=93 --mojo-platform-channel-handle=6064 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding

"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\HP\HP DeskJet 5570 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x4fc
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jakub\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\mlxdqle2.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\mlxdqle2.default\searchplugins\
badoo.xml
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2013-04-09 241152]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2013-07-19 6340312]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-31 36352]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2017-10-20 393200]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-01-27 15813616]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-01-27 80880]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-29 4866760]
"Windows Mobile Device Center"=C:\WINDOWS\WindowsMobile\wmdc.exe [2007-05-31 660360]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-06-25 242904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03 3944136]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-08-12 1644192]
"icq.desktop"=C:\Users\Jakub\AppData\Roaming\ICQ\bin\icq.exe [2018-05-24 27470488]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2018-06-25 3139936]
"HP DeskJet 5570 series (NET)"=C:\Program Files\HP\HP DeskJet 5570 series\Bin\ScanToPCActivationApp.exe [2015-04-09 3558408]
"cz.seznam.software.szndesktop"=C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2014-03-25 1284680]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []

C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Gameroom.lnk - C:\Users\Jakub\AppData\Local\Facebook\Games\FacebookGameroom.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1
"SafeModeBlockNonAdmins"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-21 23:05:14 ----HD---- C:\OneDriveTemp
2018-08-20 22:14:46 ----D---- C:\rsit
2018-08-20 22:14:46 ----D---- C:\Program Files\trend micro
2018-08-20 22:02:08 ----D---- C:\AdwCleaner
2018-08-17 22:44:12 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2018-08-17 21:59:35 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-17 21:59:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-17 21:59:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-08-17 21:59:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-08-17 21:59:28 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-08-17 21:59:19 ----A---- C:\WINDOWS\system32\shell32.dll
2018-08-17 21:59:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-08-17 21:59:16 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-08-17 21:59:16 ----A---- C:\WINDOWS\system32\wininet.dll
2018-08-17 21:59:15 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2018-08-17 21:59:13 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-08-17 21:59:13 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-08-17 21:59:11 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-17 21:59:10 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-08-17 21:59:10 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-08-17 21:59:09 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-08-17 21:59:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-17 21:59:08 ----A---- C:\WINDOWS\system32\mos.dll
2018-08-17 21:59:08 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-08-17 21:59:06 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-17 21:59:05 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-08-17 21:59:05 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-17 21:59:05 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-08-17 21:59:04 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-08-17 21:59:03 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-08-17 21:59:02 ----A---- C:\WINDOWS\system32\twinui.dll
2018-08-17 21:59:01 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-17 21:59:00 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-08-17 21:59:00 ----A---- C:\WINDOWS\system32\tquery.dll
2018-08-17 21:59:00 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2018-08-17 21:58:59 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-08-17 21:58:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-08-17 21:58:56 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2018-08-17 21:58:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-08-17 21:58:55 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-17 21:58:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-08-17 21:58:53 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-08-17 21:58:51 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-08-17 21:58:51 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-17 21:58:50 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-08-17 21:58:49 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2018-08-17 21:58:49 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-17 21:58:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-08-17 21:58:48 ----A---- C:\WINDOWS\system32\InputService.dll
2018-08-17 21:58:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-08-17 21:58:47 ----A---- C:\WINDOWS\system32\BingMaps.dll
2018-08-17 21:58:45 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-08-17 21:58:45 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-08-17 21:58:45 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-17 21:58:45 ----A---- C:\WINDOWS\system32\dosvc.dll
2018-08-17 21:58:44 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-08-17 21:58:44 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-08-17 21:58:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2018-08-17 21:58:42 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-08-17 21:58:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-08-17 21:58:42 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-08-17 21:58:42 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-08-17 21:58:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-08-17 21:58:41 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-08-17 21:58:41 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-08-17 21:58:41 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-08-17 21:58:41 ----A---- C:\WINDOWS\system32\msctf.dll
2018-08-17 21:58:41 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2018-08-17 21:58:41 ----A---- C:\WINDOWS\system32\cdprt.dll
2018-08-17 21:58:41 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-17 21:58:40 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-08-17 21:58:40 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-08-17 21:58:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-08-17 21:58:40 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-17 21:58:39 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-08-17 21:58:39 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-08-17 21:58:39 ----A---- C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-17 21:58:39 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-08-17 21:58:38 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-08-17 21:58:38 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2018-08-17 21:58:38 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2018-08-17 21:58:38 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-08-17 21:58:38 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2018-08-17 21:58:38 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-08-17 21:58:37 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-17 21:58:37 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2018-08-17 21:58:37 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-08-17 21:58:37 ----A---- C:\WINDOWS\system32\MapRouter.dll
2018-08-17 21:58:37 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2018-08-17 21:58:36 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2018-08-17 21:58:36 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2018-08-17 21:58:36 ----A---- C:\WINDOWS\system32\wsp_health.dll
2018-08-17 21:58:36 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-17 21:58:36 ----A---- C:\WINDOWS\system32\lpasvc.dll
2018-08-17 21:58:36 ----A---- C:\WINDOWS\system32\localspl.dll
2018-08-17 21:58:36 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-17 21:58:35 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-17 21:58:35 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-17 21:58:35 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-08-17 21:58:34 ----A---- C:\WINDOWS\system32\edgeangle.dll
2018-08-17 21:58:34 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-17 21:58:33 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-08-17 21:58:33 ----A---- C:\WINDOWS\system32\NMAA.dll
2018-08-17 21:58:32 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-08-17 21:58:32 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-08-17 21:58:32 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2018-08-17 21:58:32 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-08-17 21:58:32 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-08-17 21:58:32 ----A---- C:\WINDOWS\system32\jscript.dll
2018-08-17 21:58:32 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-08-17 21:58:31 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2018-08-17 21:58:31 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-17 21:58:31 ----A---- C:\WINDOWS\system32\policymanager.dll
2018-08-17 21:58:31 ----A---- C:\WINDOWS\system32\nettrace.dll
2018-08-17 21:58:31 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2018-08-17 21:58:30 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2018-08-17 21:58:30 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-08-17 21:58:30 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-08-17 21:58:30 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-08-17 21:58:30 ----A---- C:\WINDOWS\system32\WWAHost.exe
2018-08-17 21:58:29 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-08-17 21:58:29 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2018-08-17 21:58:29 ----A---- C:\WINDOWS\SYSWOW64\BingOnlineServices.dll
2018-08-17 21:58:29 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-08-17 21:58:29 ----A---- C:\WINDOWS\system32\msi.dll
2018-08-17 21:58:29 ----A---- C:\WINDOWS\system32\MapsStore.dll
2018-08-17 21:58:29 ----A---- C:\WINDOWS\system32\cloudAP.dll
2018-08-17 21:58:28 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2018-08-17 21:58:28 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2018-08-17 21:58:28 ----A---- C:\WINDOWS\system32\winload.exe
2018-08-17 21:58:28 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2018-08-17 21:58:28 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-08-17 21:58:28 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-17 21:58:27 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-17 21:58:27 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2018-08-17 21:58:27 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-08-17 21:58:26 ----A---- C:\WINDOWS\system32\winresume.exe
2018-08-17 21:58:26 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-08-17 21:58:26 ----A---- C:\WINDOWS\system32\tdh.dll
2018-08-17 21:58:26 ----A---- C:\WINDOWS\system32\provengine.dll
2018-08-17 21:58:26 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-17 21:58:26 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-17 21:58:25 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2018-08-17 21:58:25 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-08-17 21:58:25 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2018-08-17 21:58:25 ----A---- C:\WINDOWS\system32\provops.dll
2018-08-17 21:58:25 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-08-17 21:58:25 ----A---- C:\WINDOWS\system32\clusapi.dll
2018-08-17 21:58:25 ----A---- C:\WINDOWS\system32\ci.dll
2018-08-17 21:58:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-17 21:58:24 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2018-08-17 21:58:24 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-08-17 21:58:24 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2018-08-17 21:58:24 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-17 21:58:23 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2018-08-17 21:58:23 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-08-17 21:58:23 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-08-17 21:58:22 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2018-08-17 21:58:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-08-17 21:58:22 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2018-08-17 21:58:22 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-08-17 21:58:21 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-08-17 21:58:21 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-08-17 21:58:21 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-08-17 21:58:21 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-08-17 21:58:20 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2018-08-17 21:58:19 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2018-08-17 21:58:19 ----A---- C:\WINDOWS\system32\rsaenh.dll
2018-08-17 21:58:16 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2018-08-17 21:58:16 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-08-17 21:58:15 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-08-17 21:58:14 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2018-08-17 21:58:14 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-17 21:58:13 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-17 21:58:12 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-17 21:58:12 ----A---- C:\WINDOWS\system32\profsvc.dll
2018-08-17 21:58:12 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-08-17 21:58:11 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2018-08-17 21:58:11 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-08-17 21:58:10 ----A---- C:\WINDOWS\system32\resutils.dll
2018-08-17 21:58:10 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-08-17 21:58:09 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2018-08-17 21:58:09 ----A---- C:\WINDOWS\system32\wldp.dll
2018-08-17 21:58:09 ----A---- C:\WINDOWS\system32\PushToInstall.dll
2018-08-17 21:58:09 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-08-17 21:58:09 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-08-17 21:58:09 ----A---- C:\WINDOWS\system32\defragsvc.dll
2018-08-17 21:58:09 ----A---- C:\WINDOWS\system32\datamarketsvc.dll
2018-08-17 21:58:08 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-17 21:58:08 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2018-08-17 21:58:07 ----A---- C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-17 21:58:07 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-08-17 21:58:07 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2018-08-17 21:58:06 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-08-17 21:58:05 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-08-17 21:58:04 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-08-17 21:58:04 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-08-17 21:58:04 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2018-08-17 21:58:03 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-08-17 21:58:03 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2018-08-17 21:58:03 ----A---- C:\WINDOWS\system32\services.exe
2018-08-17 21:58:03 ----A---- C:\WINDOWS\system32\rdpencom.dll
2018-08-17 21:58:03 ----A---- C:\WINDOWS\system32\nltest.exe
2018-08-17 21:58:03 ----A---- C:\WINDOWS\system32\hvhostsvc.dll
2018-08-17 21:58:03 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-08-17 21:58:03 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2018-08-17 21:58:02 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-08-17 21:58:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.XamlHost.dll
2018-08-17 21:58:02 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2018-08-17 21:58:02 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2018-08-17 21:58:02 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-08-17 21:58:02 ----A---- C:\WINDOWS\system32\ProvSysprep.dll
2018-08-17 21:58:02 ----A---- C:\WINDOWS\system32\nshwfp.dll
2018-08-17 21:58:02 ----A---- C:\WINDOWS\system32\drivers\Ucx01000.sys
2018-08-17 21:58:02 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2018-08-17 21:58:01 ----A---- C:\WINDOWS\system32\sppc.dll
2018-08-17 21:58:01 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-08-17 21:58:01 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-08-17 21:58:00 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2018-08-17 21:58:00 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2018-08-17 21:58:00 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-17 21:58:00 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2018-08-17 21:58:00 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-08-17 21:58:00 ----A---- C:\WINDOWS\system32\kdnet.dll
2018-08-17 21:58:00 ----A---- C:\WINDOWS\system32\drivers\winhv.sys
2018-08-17 21:58:00 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-08-17 21:57:59 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2018-08-17 21:57:58 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2018-08-17 21:57:58 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-08-17 21:57:58 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-17 21:57:58 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-08-17 21:57:57 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-08-17 21:57:57 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2018-08-17 21:57:56 ----A---- C:\WINDOWS\SYSWOW64\WiFiDisplay.dll
2018-08-17 21:57:56 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-08-17 21:57:56 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2018-08-17 21:57:56 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-08-17 21:57:56 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2018-08-17 21:57:56 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2018-08-17 21:57:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Controls.dll
2018-08-17 21:57:55 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2018-08-17 21:57:55 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-08-17 21:57:54 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2018-08-17 21:57:54 ----A---- C:\WINDOWS\SYSWOW64\raschap.dll
2018-08-17 21:57:54 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-08-17 21:57:54 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2018-08-17 21:57:54 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2018-08-17 21:57:54 ----A---- C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-17 21:57:54 ----A---- C:\WINDOWS\system32\raschap.dll
2018-08-17 21:57:54 ----A---- C:\WINDOWS\system32\msiexec.exe
2018-08-17 21:57:54 ----A---- C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-17 21:57:54 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-08-17 21:57:54 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2018-08-17 21:57:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-17 21:57:53 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2018-08-17 21:57:53 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-17 21:57:53 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2018-08-17 21:57:53 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2018-08-17 21:57:52 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-08-17 21:57:52 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2018-08-17 21:57:52 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-17 21:57:52 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2018-08-17 21:57:52 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-08-17 21:57:52 ----A---- C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-17 21:57:51 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2018-08-17 21:57:51 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-08-17 21:57:51 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2018-08-17 21:57:51 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2018-08-17 21:57:51 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-08-17 21:57:51 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-17 21:57:51 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-08-17 21:57:51 ----A---- C:\WINDOWS\system32\hlink.dll
2018-08-17 21:57:51 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-08-17 21:57:50 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-08-17 21:57:50 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-17 21:57:50 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-08-17 21:57:50 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-08-17 21:57:49 ----A---- C:\WINDOWS\system32\mssph.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\tzres.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\atmlib.dll
2018-08-17 21:57:48 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-17 21:57:47 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2018-08-17 21:57:47 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2018-08-17 21:57:47 ----A---- C:\WINDOWS\system32\winshfhc.dll
2018-08-17 21:57:47 ----A---- C:\WINDOWS\system32\drivers\vmgid.sys
2018-08-12 20:39:03 ----A---- C:\WINDOWS\IE.exe
2018-08-03 19:06:33 ----D---- C:\Program Files\Google

======List of files/folders modified in the last 1 month======

2018-08-21 23:23:47 ----D---- C:\WINDOWS\Temp
2018-08-21 23:21:26 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-08-21 23:19:36 ----D---- C:\WINDOWS\system32\Tasks
2018-08-21 23:07:41 ----SHDC---- C:\WINDOWS\Installer
2018-08-21 23:06:50 ----D---- C:\WINDOWS\Prefetch
2018-08-21 23:04:30 ----D---- C:\WINDOWS\system32\sru
2018-08-21 23:03:43 ----D---- C:\WINDOWS\System32
2018-08-21 23:03:43 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-20 22:14:51 ----D---- C:\WINDOWS\system32\drivers\etc
2018-08-20 22:14:46 ----RD---- C:\Program Files
2018-08-20 22:11:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-20 22:11:41 ----D---- C:\WINDOWS\INF
2018-08-20 22:07:38 ----D---- C:\WINDOWS\AppReadiness
2018-08-20 22:03:45 ----D---- C:\WINDOWS\system32\catroot2
2018-08-20 22:03:33 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2018-08-20 21:46:42 ----D---- C:\WINDOWS\system32\SleepStudy
2018-08-20 21:18:42 ----HD---- C:\Program Files\WindowsApps
2018-08-20 21:06:41 ----D---- C:\Program Files\Opera
2018-08-20 21:04:15 ----D---- C:\WINDOWS\system32\LogFiles
2018-08-19 23:18:58 ----SHD---- C:\System Volume Information
2018-08-19 23:18:44 ----D---- C:\WINDOWS\Logs
2018-08-19 22:39:54 ----RD---- C:\WINDOWS\Microsoft.NET
2018-08-19 22:35:45 ----RSD---- C:\WINDOWS\assembly
2018-08-19 22:16:26 ----D---- C:\WINDOWS\system32\NDF
2018-08-19 22:11:43 ----D---- C:\WINDOWS\LiveKernelReports
2018-08-18 21:13:27 ----D---- C:\WINDOWS\system32\config
2018-08-18 21:02:52 ----D---- C:\WINDOWS\WinSxS
2018-08-18 21:02:27 ----D---- C:\WINDOWS\system32\DriverStore
2018-08-18 21:01:38 ----D---- C:\WINDOWS\system32\drivers
2018-08-17 23:02:53 ----D---- C:\WINDOWS\TextInput
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-08-17 23:02:53 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-08-17 23:02:52 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-08-17 23:02:52 ----D---- C:\WINDOWS\SysWOW64
2018-08-17 23:02:51 ----SD---- C:\WINDOWS\system32\UNP
2018-08-17 23:02:51 ----SD---- C:\WINDOWS\system32\F12
2018-08-17 23:02:51 ----SD---- C:\WINDOWS\system32\DiagSvcs
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\zu-ZA
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\yo-NG
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\xh-ZA
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\wo-SN
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\tn-ZA
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\ti-ET
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\ShellExperiences
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\rw-RW
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\nso-ZA
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\migration
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\ig-NG
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\en-US
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\drivers\en-US
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\cs-CZ
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-08-17 23:02:51 ----D---- C:\WINDOWS\system32\Boot
2018-08-17 23:02:48 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-08-17 23:02:47 ----RD---- C:\WINDOWS\PrintDialog
2018-08-17 23:02:47 ----RD---- C:\Program Files\Windows Defender
2018-08-17 23:02:47 ----D---- C:\WINDOWS\ShellExperiences
2018-08-17 23:02:47 ----D---- C:\WINDOWS\bcastdvr
2018-08-17 23:02:47 ----D---- C:\Program Files (x86)\Windows Defender
2018-08-17 22:44:14 ----D---- C:\WINDOWS\system32\Macromed
2018-08-17 22:44:13 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-08-17 22:24:02 ----D---- C:\WINDOWS\system32\MRT
2018-08-17 22:11:00 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-08-17 22:10:40 ----D---- C:\WINDOWS\CbsTemp
2018-08-16 23:14:05 ----SHD---- C:\Config.Msi
2018-08-16 23:00:13 ----D---- C:\ProgramData\Packages
2018-08-13 22:41:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-13 22:41:02 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-08-12 21:02:54 ----D---- C:\Windows
2018-08-06 17:19:36 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-08-03 19:14:07 ----D---- C:\WINDOWS\system32\drivers\wd

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem7.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2017-07-27 106424]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-06-25 201328]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-06-25 346664]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-06-25 59592]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-06-25 85968]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-06-25 381584]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-31 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-06-25 197160]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-06-25 229392]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-06-25 239680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-06-25 111872]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-06-25 1027728]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-07-23 467064]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-06-25 159640]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-06-25 211160]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R3 ACPIVPC;@oem25.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-01-27 35600]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-10 21625880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-10 673304]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2018-04-12 4233728]
R3 BTATH_BUS;@oem41.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-07 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2018-04-12 198144]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-04-12 106496]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 CnxtHdAudService;@oem103.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-08-05 1561728]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2011-09-09 87040]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-10-20 7963632]
R3 L1C;@oem71.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-07-18 130248]
R3 MEIx64;@oem84.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-08-08 99288]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Ovladač přenosů Avrcp protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [2018-04-12 46592]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 rtsuvc;@oem4.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2013-07-19 8247640]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2018-06-25 15360]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-06-25 46976]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-07-14 1069568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2010-03-20 13952]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\System32\drivers\ew_juextctrl.sys [2011-09-09 28672]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-08-03 77608]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 IntcDAud;@oem90.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTSUER;@oem13.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-03 410880]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2015-11-29 138752]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-10 254488]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-06-25 322464]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_b6ddec;Uživatelská služba platformy připojených zařízení_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-31 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-10-20 365040]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-08-08 169432]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 OneSyncSvc_b6ddec;Hostitel synchronizace_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-06-25 7780400]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-20 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_b6ddec;Data kontaktů_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-17 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_b6ddec;Uživatelská služba pro GameDVR a vysílání her_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_b6ddec;Služba pro podporu uživatelů Bluetooth_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-10-20 494056]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_b6ddec;DevicePicker_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_b6ddec;Tok zařízení_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2017-02-14 273216]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 MessagingService_b6ddec;Služba zasílání zpráv_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-08-12 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_b6ddec;PrintWorkflow_b6ddec; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]

-----------------EOF-----------------

[Conder]

Ahoj

V akych umiestneniach Avast hlasi tento hrozby?

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

Ak nepouzivas, odorucam odinstalovat Seznam Software (Seznam Listicka).

[Biggest]

Log je zde, problém je, že jsem ho pouštěl před pár dny, kdy to našlo cca 32 hrozeb, tak log přidávám ještě pod to. Každopádně každý den se to hlášení opakuje. Seznam nepoužívám.
Jinak umístění hrozeb:
https://drive.google.com/file/d/1G4XSFB ... sp=sharing
https://drive.google.com/file/d/1emt3cM ... sp=sharing
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-20.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-22-2018
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4107 octets] - [20/08/2018 22:03:09]
AdwCleaner[C00].txt - [3723 octets] - [20/08/2018 22:03:36]
AdwCleaner[S01].txt - [1364 octets] - [22/08/2018 22:31:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

log 2

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-20.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-20-2018
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 31
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Pokki
Deleted C:\Users\Jakub\AppData\Local\Pokki
Deleted C:\Users\svatba\AppData\Local\Pokki
Deleted C:\Users\Jakub\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

Deleted C:\Windows\System32\Tasks_Migrated\SweetLabs App Platform
Deleted C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SweetLabs App Platform

***** [ Registry ] *****

Deleted HKCU\Software\SweetLabs App Platform
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKLM\Software\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Deleted HKLM\Software\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2C892BD4-D9C0-4CFC-AE8D-7829DF093B48}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{10C3F12A-5DD2-4CDA-AE9D-AE9B51452AEF}
Deleted HKCU\Software\Classes\pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FE66E54-E014-483F-8AEA-9ECAC71438CD}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2159D33-3CE2-401B-8967-1B270628A311}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2159D33-3CE2-401B-8967-1B270628A311}

***** [ Chromium (and derivatives) ] *****

Deleted MyStart One Click
Deleted bopakagnckmlgajfccecajhnimjiiedh

***** [ Chromium URLs ] *****

Deleted ICQ Search
Deleted DAEMON Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4107 octets] - [20/08/2018 22:03:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Conder]

Poprosim o logy z FRST (Farbar Recovery Scan Tool)

• Stiahni FRST a uloz na plochu: https://www.bleepingcomputer.com/downlo ... scan-tool/
• Je potrebne stiahnut 32 alebo 64 bitovu verziu podla operacneho systemu; ak si nie si isty, stiahni a vyskusaj obidve (spustit pojde len jedna)
• Klikni na FRST pravym tlacitkom mysi a vyber Spustit ako spravca
• Odsuhlas licencne podmienky
• Klikni na Scan a pockaj na dokoncenie
• Obidva vytvorene logy (FRST.txt a Addition.txt) vloz do nasledujcej odpovede
• Ak sa logy nezmestia do jednej odpovede, rozdel ich do viac odpovedi, pripadne zabal do archivu ZIP a posli ako prilohu

[Biggest]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by Jakub (administrator) on BG-PC (27-08-2018 18:41:45)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub & svatba)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
() C:\Users\Jakub\AppData\Roaming\ICQ\bin\icq.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP DeskJet 5570 series\Bin\ScanToPCActivationApp.exe
(Facebook) C:\Users\Jakub\AppData\Local\Facebook\Games\FacebookGameroom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(The CefSharp Authors) C:\Users\Jakub\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files\Lenovo\iMController\AutoUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Lenovo\iMController\LegacyFeatures.exe
() C:\Program Files\Lenovo\iMController\PluginCommunication.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP DeskJet 5570 series\Bin\HPNetworkCommunicatorCom.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [393200 2017-10-20] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-01-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-01-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-25] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-03-25] (CANON INC.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Run: [icq.desktop] => C:\Users\Jakub\AppData\Roaming\ICQ\bin\icq.exe [27470488 2018-05-24] ()
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Run: [HP DeskJet 5570 series (NET)] => C:\Program Files\HP\HP DeskJet 5570 series\Bin\ScanToPCActivationApp.exe [3558408 2015-04-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-05-09]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Jakub\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9f34dabe-4363-480a-9687-ab8868dd266b}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dc7fe4b5-2f7a-4aad-88e8-c09369fff6db}: [DhcpNameServer] 158.196.0.53

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {59141C7B-AADE-4DB9-A3C2-1DA1F74B1A75} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {5A6D2331-E137-4DFD-9F0C-69754460AB13} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_29530
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {8886DB45-6265-433D-B333-0095CFEB9259} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {89DB62CE-C578-45D7-AFC4-AC593A1E57FD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_29530
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {9DBE0070-B0E3-4FA1-BF4F-561C877193FA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {CDBF5A0A-4742-4332-9EF1-AC94F5F84121} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {D0F5A666-F20D-4CC6-B557-8855557BBFEF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {EFE44643-7AC4-4722-95D2-74F4CEC256B8} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_29530
SearchScopes: HKU\S-1-5-21-4127452271-195137932-3024611630-1001 -> {F16C5D0D-4265-4BE9-B4D6-3E672A52E3FF} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_29530
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\mlxdqle2.default [2018-08-12]
FF NewTabOverride: Mozilla\Firefox\Profiles\mlxdqle2.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Avast SafePrice) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\mlxdqle2.default\Extensions\sp@avast.com.xpi [2018-06-20]
FF Extension: (Avast Online Security) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\mlxdqle2.default\Extensions\wrc@avast.com.xpi [2018-06-20]
FF Extension: (Adblock Plus) - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\mlxdqle2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-23]
FF SearchPlugin: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\mlxdqle2.default\searchplugins\badoo.xml [2014-06-23]
FF SearchPlugin: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\mlxdqle2.default\searchplugins\google-avast.xml [2015-05-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-17] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4127452271-195137932-3024611630-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jakub\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4127452271-195137932-3024611630-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-07-27] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Jakub\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default [2018-08-27]
CHR Extension: (ProxFlow) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2018-02-05]
CHR Extension: (Dokumenty) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2018-03-10]
CHR Extension: (Adobe Acrobat) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Avast Passwords) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-08-14]
CHR Extension: (Booking.com for Chrome™) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2017-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Avast Online Security) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-05]
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-05]
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iphahelpmejkbidhiecfeicblienleon] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-11-29] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-25] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-25] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273216 2017-02-14] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-03] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-03] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [106424 2017-07-27] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-06-25] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-06-25] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-06-25] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-06-25] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-06-25] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-25] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-06-25] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-06-25] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-06-25] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-06-25] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-06-25] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-06-25] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465640 2018-08-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-06-25] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-06-25] (AVAST Software)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 voxaldriver; C:\WINDOWS\system32\DRIVERS\voxaldriverx64.sys [43472 2017-05-06] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-03] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-03] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-03] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-27 18:41 - 2018-08-27 18:42 - 000025261 _____ C:\Users\Jakub\Desktop\FRST.txt
2018-08-27 18:41 - 2018-08-27 18:41 - 000000000 ____D C:\FRST
2018-08-27 18:41 - 2018-08-27 18:40 - 002413056 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2018-08-27 18:40 - 2018-08-27 18:40 - 002413056 _____ (Farbar) C:\Users\Jakub\Downloads\FRST64.exe
2018-08-27 18:38 - 2018-08-27 18:38 - 000000000 ___HD C:\OneDriveTemp
2018-08-20 22:14 - 2018-08-21 23:24 - 000000000 ____D C:\Program Files\trend micro
2018-08-20 22:14 - 2018-08-20 22:14 - 001222144 _____ C:\Users\Jakub\Downloads\RSITx64.exe
2018-08-20 22:14 - 2018-08-20 22:14 - 000000000 ____D C:\rsit
2018-08-20 22:02 - 2018-08-20 22:03 - 000000000 ____D C:\AdwCleaner
2018-08-20 21:58 - 2018-08-20 22:00 - 007417040 _____ (Malwarebytes) C:\Users\Jakub\Downloads\adwcleaner_7.2.2.exe
2018-08-17 22:44 - 2018-08-17 22:44 - 006314496 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-08-17 21:59 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-17 21:59 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-17 21:59 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-17 21:59 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-17 21:59 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-17 21:59 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-17 21:59 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-17 21:59 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-17 21:59 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-17 21:59 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-17 21:59 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-17 21:59 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-17 21:59 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-17 21:59 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-17 21:59 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-17 21:59 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-17 21:59 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-17 21:59 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-17 21:59 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-17 21:59 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-17 21:59 - 2018-07-15 02:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-17 21:59 - 2018-07-15 02:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-17 21:59 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-17 21:59 - 2018-07-14 08:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-17 21:59 - 2018-07-14 08:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-17 21:59 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-17 21:59 - 2018-07-14 06:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-17 21:59 - 2018-07-14 06:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-17 21:59 - 2018-07-14 05:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-17 21:59 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-17 21:58 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-17 21:58 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-17 21:58 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-17 21:58 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-17 21:58 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-17 21:58 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-17 21:58 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-17 21:58 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-17 21:58 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-17 21:58 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-17 21:58 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-17 21:58 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-17 21:58 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-17 21:58 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-17 21:58 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-17 21:58 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-17 21:58 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-17 21:58 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-17 21:58 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-17 21:58 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-17 21:58 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-17 21:58 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-17 21:58 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-17 21:58 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-17 21:58 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-17 21:58 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-17 21:58 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-17 21:58 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-17 21:58 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-17 21:58 - 2018-08-03 05:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-17 21:58 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-17 21:58 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-17 21:58 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-17 21:58 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-17 21:58 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-17 21:58 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-17 21:58 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-17 21:58 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-17 21:58 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-17 21:58 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-17 21:58 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-17 21:58 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-17 21:58 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-17 21:58 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-17 21:58 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-17 21:58 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-17 21:58 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-17 21:58 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-17 21:58 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-17 21:58 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-17 21:58 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-17 21:58 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-17 21:58 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-17 21:58 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-17 21:58 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-17 21:58 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-17 21:58 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-17 21:58 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-17 21:58 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-17 21:58 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-17 21:58 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-17 21:58 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-17 21:58 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-17 21:58 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-17 21:58 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-17 21:58 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-17 21:58 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-17 21:58 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-17 21:58 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-17 21:58 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-17 21:58 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-17 21:58 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-17 21:58 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-17 21:58 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-17 21:58 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-17 21:58 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-17 21:58 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-17 21:58 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-17 21:58 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-17 21:58 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-17 21:58 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-17 21:58 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-17 21:58 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-17 21:58 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-17 21:58 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-17 21:58 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-17 21:58 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-17 21:58 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-17 21:58 - 2018-07-15 02:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-17 21:58 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-17 21:58 - 2018-07-15 02:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-17 21:58 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-17 21:58 - 2018-07-15 02:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-17 21:58 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-17 21:58 - 2018-07-15 02:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-17 21:58 - 2018-07-15 02:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-17 21:58 - 2018-07-15 02:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-17 21:58 - 2018-07-15 02:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-17 21:58 - 2018-07-15 01:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-17 21:58 - 2018-07-15 01:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-17 21:58 - 2018-07-15 01:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-17 21:58 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-17 21:58 - 2018-07-15 01:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-17 21:58 - 2018-07-15 01:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-17 21:58 - 2018-07-15 01:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-17 21:58 - 2018-07-14 06:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-17 21:58 - 2018-07-14 06:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-17 21:58 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-17 21:58 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-17 21:58 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-17 21:58 - 2018-07-14 06:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-17 21:58 - 2018-07-14 06:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-17 21:58 - 2018-07-14 06:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-17 21:58 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-17 21:58 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-17 21:58 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-17 21:58 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-17 21:58 - 2018-07-14 06:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-17 21:58 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-17 21:58 - 2018-07-14 06:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-17 21:58 - 2018-07-14 06:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-17 21:58 - 2018-07-14 06:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-17 21:58 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-17 21:58 - 2018-07-14 06:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-17 21:58 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-17 21:58 - 2018-07-14 06:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-17 21:58 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-17 21:58 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-17 21:58 - 2018-07-14 06:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-17 21:58 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-17 21:58 - 2018-07-14 06:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-17 21:58 - 2018-07-14 06:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-17 21:58 - 2018-07-14 06:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-17 21:58 - 2018-07-14 05:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-17 21:58 - 2018-07-14 05:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-17 21:58 - 2018-07-14 05:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-17 21:58 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-17 21:58 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-17 21:58 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-17 21:58 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-17 21:58 - 2018-07-14 05:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-17 21:58 - 2018-07-14 05:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-17 21:58 - 2018-07-14 05:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-17 21:58 - 2018-07-14 05:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-17 21:58 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-17 21:58 - 2018-07-14 05:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-17 21:58 - 2018-07-14 05:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-17 21:58 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-17 21:58 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-17 21:58 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-17 21:58 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-17 21:58 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-17 21:58 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-17 21:58 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-17 21:58 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-17 21:58 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-17 21:58 - 2018-07-14 05:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-17 21:58 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-17 21:58 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-17 21:58 - 2018-07-14 05:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-17 21:58 - 2018-07-14 05:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-17 21:58 - 2018-07-14 05:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-17 21:58 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-17 21:58 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-17 21:58 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-17 21:58 - 2018-07-14 05:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-17 21:58 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-17 21:58 - 2018-07-14 05:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-17 21:58 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-17 21:58 - 2018-07-14 05:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-17 21:58 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-17 21:58 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-17 21:58 - 2018-07-14 05:49 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-08-17 21:58 - 2018-07-14 05:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-17 21:58 - 2018-07-13 06:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-17 21:57 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-17 21:57 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-17 21:57 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-17 21:57 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-17 21:57 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-17 21:57 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-17 21:57 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-17 21:57 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-17 21:57 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-17 21:57 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-17 21:57 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-17 21:57 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-17 21:57 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-17 21:57 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-17 21:57 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-17 21:57 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-17 21:57 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-17 21:57 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-17 21:57 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-17 21:57 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-17 21:57 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-17 21:57 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-17 21:57 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-17 21:57 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-17 21:57 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-17 21:57 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-17 21:57 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-17 21:57 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-17 21:57 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-17 21:57 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-17 21:57 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-17 21:57 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-17 21:57 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-17 21:57 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-17 21:57 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-17 21:57 - 2018-08-03 03:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-17 21:57 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-17 21:57 - 2018-07-15 02:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-17 21:57 - 2018-07-15 02:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-17 21:57 - 2018-07-15 01:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-17 21:57 - 2018-07-15 01:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-17 21:57 - 2018-07-15 01:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-17 21:57 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-17 21:57 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-17 21:57 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-17 21:57 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-17 21:57 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-17 21:57 - 2018-07-14 05:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-17 21:57 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-17 21:57 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-17 21:57 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-17 21:57 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-17 21:57 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-17 21:57 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-17 21:57 - 2018-07-14 05:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-17 21:57 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-17 21:57 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-17 21:57 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-17 21:57 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-17 21:57 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-17 21:57 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-17 21:57 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-17 21:57 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-17 21:57 - 2018-07-14 05:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-17 21:57 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-17 21:57 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-17 21:57 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-17 21:57 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-17 21:57 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-17 21:57 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-17 21:57 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-17 21:57 - 2018-07-14 05:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-17 21:57 - 2018-07-14 05:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-17 21:57 - 2018-07-14 05:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-13 23:02 - 2018-08-13 23:02 - 000000000 ____D C:\Users\Jakub\AppData\Local\D3DSCache
2018-08-12 20:39 - 2018-08-12 20:39 - 001676798 _____ C:\WINDOWS\IE.exe
2018-08-12 20:36 - 2018-08-12 20:36 - 000000003 _____ C:\Users\Jakub\lll.txt
2018-08-12 20:33 - 2018-08-12 20:33 - 000000000 ____D C:\Users\Jakub\Downloads\Horkýže slíže - Pustite Karola 2017 Album MP3 320 Deluxe
2018-08-12 20:07 - 2018-08-12 20:12 - 096805998 _____ C:\Users\Jakub\Downloads\Horkýže slíže - Pustite Karola 2017 Album MP3 320 Deluxe.rar
2018-08-12 19:59 - 2018-08-12 19:59 - 000000000 ____D C:\Users\Jakub\Downloads\Sabaton (2006) Attero Dominatus (full) - album
2018-08-12 19:50 - 2018-08-12 19:59 - 150569408 _____ C:\Users\Jakub\Downloads\Sabaton (2006) Attero Dominatus (full) - album.rar
2018-08-12 19:49 - 2018-08-12 19:49 - 000000000 ____D C:\Users\Jakub\Downloads\Sabaton - The Art Of War (Album)
2018-08-12 19:34 - 2018-08-12 19:42 - 140953251 _____ C:\Users\Jakub\Downloads\Sabaton - The Art Of War (Album).rar
2018-08-12 19:32 - 2015-09-26 14:59 - 000000000 ____D C:\Users\Jakub\Downloads\2005 - Primo Victoria
2018-08-12 19:19 - 2018-08-12 19:31 - 146751113 _____ C:\Users\Jakub\Downloads\Sabaton (2005) Primo Victoria (full) - album.rar
2018-08-12 19:19 - 2018-08-12 19:19 - 000000000 ____D C:\Users\Jakub\Downloads\Sabaton (2012) Carolus Rex (full) - album
2018-08-12 18:44 - 2018-08-12 18:59 - 253315447 _____ C:\Users\Jakub\Downloads\Sabaton (2012) Carolus Rex (full) - album.rar
2018-08-12 18:13 - 2018-08-12 18:14 - 000000000 ____D C:\Users\Jakub\Downloads\sabaton-heroes-album-rar
2018-08-12 17:07 - 2018-08-12 17:14 - 126837128 _____ C:\Users\Jakub\Downloads\sabaton-heroes-album-rar.bin
2018-08-12 12:59 - 2018-08-12 12:59 - 000215066 _____ C:\Users\Jakub\Downloads\Berlička-pro-průvodce-na-K5 (3).pdf
2018-08-12 12:57 - 2018-08-12 12:57 - 000156156 _____ C:\Users\Jakub\Downloads\Berlička-pro-průvodce-na-K5-2 (1).pdf
2018-08-09 22:36 - 2018-08-09 23:40 - 1161319188 _____ C:\Users\Jakub\Downloads\Sabaton - The Last Stand [Extended Edition] 2016_[MP3@320kbps+FLAC+ALAC].zip
2018-08-09 19:37 - 2018-08-09 20:28 - 891776243 _____ C:\Users\Jakub\Downloads\Sabaton - Coat Of Arms [Limited Edition] 2010_[MP3@320kbps+FLAC+ALAC].zip
2018-08-03 19:06 - 2018-08-03 19:06 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-08-03 19:06 - 2018-08-03 19:06 - 000002252 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-08-03 19:06 - 2018-08-03 19:06 - 000000000 ____D C:\Program Files\Google
2018-07-30 22:22 - 2018-07-30 22:22 - 000000000 ____D C:\Users\Jakub\Desktop\cedule

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-27 18:42 - 2014-06-05 20:14 - 000000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2018-08-27 18:39 - 2017-03-02 20:50 - 000000000 ____D C:\Users\Jakub\AppData\Local\AVAST Software
2018-08-27 18:39 - 2016-07-04 19:08 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-08-27 18:38 - 2014-06-05 19:59 - 000000000 ___RD C:\Users\Jakub\SkyDrive
2018-08-27 18:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-27 18:37 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-27 18:37 - 2017-06-09 16:07 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-27 18:37 - 2016-03-14 06:46 - 000000000 __SHD C:\Users\Jakub\IntelGraphicsProfiles
2018-08-27 18:36 - 2018-05-20 23:12 - 000000000 ____D C:\Users\Jakub
2018-08-27 18:33 - 2018-05-20 23:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-27 18:33 - 2018-05-20 23:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-27 07:47 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-27 07:35 - 2018-05-20 23:46 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-08-27 07:35 - 2018-05-20 11:54 - 000465640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-22 23:54 - 2018-05-26 22:26 - 000011768 _____ C:\Users\Jakub\Desktop\Polsko.xlsx
2018-08-22 22:41 - 2018-05-20 23:32 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-22 22:41 - 2018-04-12 17:50 - 000717314 _____ C:\WINDOWS\system32\perfh005.dat
2018-08-22 22:41 - 2018-04-12 17:50 - 000145070 _____ C:\WINDOWS\system32\perfc005.dat
2018-08-22 22:41 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-22 22:33 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-08-22 22:26 - 2017-12-27 21:21 - 000000000 ____D C:\Program Files\Opera
2018-08-22 22:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-20 22:03 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-08-20 21:10 - 2018-04-05 16:39 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-20 21:10 - 2018-04-05 16:39 - 000002474 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-08-19 22:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-18 21:25 - 2015-10-21 23:43 - 000000183 _____ C:\Users\Jakub\Desktop\TZ.txt
2018-08-18 21:03 - 2017-12-21 21:53 - 000000000 ___RD C:\Users\Jakub\3D Objects
2018-08-18 21:03 - 2016-02-13 15:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-18 21:02 - 2018-05-20 23:06 - 000460512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-17 23:02 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-17 23:02 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-17 22:44 - 2018-05-20 23:46 - 000004634 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-17 22:44 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-08-17 22:44 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-08-17 22:24 - 2014-06-06 06:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-17 22:11 - 2014-06-06 06:30 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-17 22:10 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-16 23:13 - 2015-11-16 22:54 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-16 23:00 - 2018-07-10 19:07 - 000000000 ____D C:\ProgramData\Packages
2018-08-13 22:41 - 2016-11-20 00:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-13 22:41 - 2014-06-05 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-12 21:28 - 2016-11-21 19:08 - 000000000 ____D C:\Users\Jakub\AppData\LocalLow\Mozilla
2018-08-12 15:53 - 2014-06-05 20:22 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-12 12:23 - 2015-08-24 18:29 - 000022528 _____ C:\Users\Jakub\Desktop\Kuba_splatky.xls
2018-08-12 09:16 - 2018-05-20 23:46 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4127452271-195137932-3024611630-1001
2018-08-12 09:16 - 2018-05-20 23:12 - 000002398 _____ C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-09 19:40 - 2015-11-03 21:23 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-09 19:40 - 2015-11-03 21:23 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-06 17:19 - 2018-07-12 20:50 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-06 17:19 - 2018-07-12 20:50 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-03 19:14 - 2018-05-20 23:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-08-03 19:05 - 2018-05-20 23:46 - 000003938 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1514402616
2018-08-03 19:04 - 2017-12-27 21:23 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk

==================== Files in the root of some directories =======

2017-05-06 19:10 - 2017-05-06 19:10 - 000001167 _____ () C:\Users\Jakub\AppData\Roaming\trace_FilterInstaller.txt
2017-05-06 19:10 - 2017-05-06 19:10 - 000000000 _____ () C:\Users\Jakub\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-06-30 00:25 - 2016-06-30 00:25 - 000003584 _____ () C:\Users\Jakub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-28 19:07 - 2018-06-28 19:07 - 000001746 _____ () C:\Users\Jakub\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 23:06

==================== End of FRST.txt ============================

[Biggest]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Jakub (27-08-2018 18:43:36)
Running from C:\Users\Jakub\Desktop
Windows 10 Home Version 1803 17134.228 (X64) (2018-05-20 21:48:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4127452271-195137932-3024611630-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4127452271-195137932-3024611630-503 - Limited - Disabled)
Guest (S-1-5-21-4127452271-195137932-3024611630-501 - Limited - Disabled)
Jakub (S-1-5-21-4127452271-195137932-3024611630-1001 - Administrator - Enabled) => C:\Users\Jakub
svatba (S-1-5-21-4127452271-195137932-3024611630-1004 - Limited - Enabled) => C:\Users\svatba
WDAGUtilityAccount (S-1-5-21-4127452271-195137932-3024611630-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
AGCd - 2.0.1 (HKLM-x32\...\AGCd - 2.0.1_is1) (Version: - Intergraph CS s.r.o.)
AGCd - 2.1.0 (HKLM-x32\...\AGCd - 2.1.0_is1) (Version: - Intergraph CS s.r.o.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.59 - AVAST Software)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.03 - Canon Inc.)
Canon MP230 series On-screen Manual (HKLM-x32\...\Canon MP230 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.1 - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Facebook Gameroom 1.21.6697.19829 (HKLM-x32\...\{7BE2211B-F86C-40CA-A6CC-69564D9BD5E2}) (Version: 1.21.6697.19829 - Facebook)
Fish Fillets (HKLM-x32\...\Fish Fillets) (Version: - )
Garmin BaseCamp (HKLM-x32\...\{6AEC15C1-6D21-468F-A29D-B3339C31CCCA}) (Version: 3.1.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP DeskJet 5570 series Nápověda (HKLM-x32\...\{17C64B75-5B72-4BFF-B048-ADD986EDE0A8}) (Version: 35.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 4.23.05.00 - )
ICQ (verze 10.0.12341) (HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\icq.desktop) (Version: 10.0.12341 - ICQ)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
K-Lite Mega Codec Pack 10.9.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{7BB9AAFD-3350-49C8-92D1-833AAFF9E74E}) (Version: 3.4.003.013 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.2.4000 - Maxthon International Limited)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.2.6793 - Mozilla)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Opera Stable 54.0.2952.64 (HKLM-x32\...\Opera 54.0.2952.64) (Version: 54.0.2952.64 - Opera Software)
PicaLoader 1.7.1 (HKLM-x32\...\PicaLoader) (Version: 1.7.1 - VOWSoft,Ltd.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Prince Of Persia (HKLM-x32\...\{F3B0AC10-3636-4166-81CF-86CD7A8B0123}) (Version: 1.0 - Ubisoft)
PX Profile Update (HKLM-x32\...\{688E032B-2432-CB57-7716-B734EF6995AE}) (Version: 1.00.1. - AMD) Hidden
QGIS Essen 2.14.1 Essen (HKLM\...\QGIS Essen) (Version: - QGIS Development Team)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Studie vylepšování produktu HP DeskJet 5570 series (HKLM\...\{71997EDA-A717-4ECF-A957-42A2B63893F6}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
The Settlers 7 - CESTA KE KORUNĚ (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
TOPO Czech 3 (HKLM-x32\...\{1BBD9C84-4FDE-4318-8A32-B31CF4CF4CF8}) (Version: 3.00 - Picodas Praha, spol. s r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
Voxal Voice Changer (HKLM-x32\...\Voxal) (Version: 1.32 - NCH Software)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wooky 3.0.1.6 (HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Wooky) (Version: 3.0.1.6 - Mobilbonus, s.r.o.)
Y.A. Photos Date Stamper (HKLM-x32\...\{A700A1F5-1381-4AF1-AAAF-1D1EC207C172}) (Version: 1.4.0 - Nakood)
Základní software zařízení HP DeskJet 5570 series (HKLM\...\{4D4488BC-AB61-4B57-91C7-53B899483A38}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-4127452271-195137932-3024611630-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4127452271-195137932-3024611630-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4127452271-195137932-3024611630-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4127452271-195137932-3024611630-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-25] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4127452271-195137932-3024611630-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-4127452271-195137932-3024611630-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-4127452271-195137932-3024611630-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001AE05A-9E01-452D-BDFE-6A5864E3919A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {0CD431E0-D0BE-4D30-B84F-B3DC19CA901D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-17] (Adobe Systems Incorporated)
Task: {1B56CEE3-14A7-49B1-9D17-2E0F32D854BD} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {1C96D06E-2485-4288-B822-9011E7105EE1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {210C043A-3D8B-453B-A540-C9C689B79384} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {26CBC4A4-7201-4EAB-8C54-0DC27C78D044} - \SystemSettings -> No File <==== ATTENTION
Task: {2BC7C183-9B58-4438-A930-32CC755D5C06} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8b17af532cb0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {314D6416-C67A-4A2B-95A8-4FFB71BDDB66} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-01-13] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3CC9EFB5-D9CB-4AA4-85EF-6B94E7D34656} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03] (Synaptics Incorporated)
Task: {4625125E-01B5-45A1-88FD-03360A9F5534} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {4A0F222C-AAC1-4CEF-BC55-044576217E0D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-03] (Microsoft Corporation)
Task: {4A665310-93D0-4CB1-B677-E3721D857D4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4C8519E4-D31D-460E-B3E7-FC0DD3F419DB} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {4E178613-6DA1-4C1C-9A8D-449DF0DE73CF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-27] (AVAST Software)
Task: {4F490153-D2B8-4248-B56F-C43C7F7FB33B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2017-02-14] (Lenovo)
Task: {5A0F318A-E7CF-4D0A-8CC2-4992D29A8723} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {6229F195-DC65-4763-B85F-5DF8FFBB38DE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-21] (AVAST Software)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6A645974-4D66-4D32-85EA-8B393D9BA65D} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2017-02-14] (Lenovo)
Task: {6A777722-9BED-4804-8368-AF33FBDBA461} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6BBFCD43-A742-48FA-BE31-37E569C79E19} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {6E05613F-17FA-42C4-B638-27D63BDDE07A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {70F25786-73F2-40F9-B43C-91FB5709F62D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {72C94918-3FBE-4F23-B5AE-55B2E5E36190} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-03] (Microsoft Corporation)
Task: {744B31FB-6881-44AD-8A24-AB258C6532C8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7D22DF17-1FF9-41CB-A334-D94BEEC8655E} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-08-01] (Maxthon International ltd.)
Task: {7F5EEF87-EF3D-4E7F-92B9-2E7DB775BC84} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {7FB2AEC1-8B88-435A-8705-45FF2CD8B937} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {85688563-A8DF-4125-B0ED-F850C3653642} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {85D7C705-5680-4F22-A88E-8869402801B6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2017-02-14] ()
Task: {9DAC891B-51C9-480F-93D5-3B79C26452D9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A4CF80B9-45B8-48B9-8AC6-35A0D7DF5AE1} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {BE684004-7638-48EE-8E38-BBD39EC7CEB8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BF98FA62-31D2-41C2-9F9E-B7836161E6B9} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {CDA8D895-6C97-4F0F-9B2E-402C6D11CBF5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {CFD2E58A-708F-422E-8117-889A9F3E707E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-03] (Microsoft Corporation)
Task: {D47E45E2-76FF-41BB-957B-1A3D346F81AB} - System32\Tasks\HPCustParticipation HP DeskJet 5570 series => C:\Program Files\HP\HP DeskJet 5570 series\Bin\HPCustPartic.exe [2015-04-09] (Hewlett-Packard Development Company, LP)
Task: {D504B900-E26C-493B-A277-2DF818E08BB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-03] (Microsoft Corporation)
Task: {DAD0A9AD-809B-44EE-8C4F-03E013CE369F} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8b17af020584 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {DF2E8F32-A4E5-4183-85C6-7E85A959AC1B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-17] (Adobe Systems Incorporated)
Task: {EB5F256C-3FD4-4132-B0F8-A3837A13C1AD} - System32\Tasks\Opera scheduled Autoupdate 1514402616 => c:\program files\opera\launcher.exe [2018-07-25] (Opera Software)
Task: {EF8C45CB-1C5D-4932-906B-3402CE809CC9} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4127452271-195137932-3024611630-1001 -> No File <==== ATTENTION
Task: {F71F8D5C-14D0-438B-B7C4-D1E1A55EDDEE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F79F9E09-108A-4130-8F81-E764426E15CB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {FA383E38-51E4-4577-8D95-253A610B5003} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FEEE30A9-40CD-414F-A2F6-6A48DB1F604C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Jakub\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2014-01-27 05:18 - 2012-04-24 12:43 - 000390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-11-29 23:07 - 2015-11-29 23:07 - 000138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-05 16:39 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\13674libfoxloader-x64.dll
2018-08-17 21:58 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-25 20:09 - 2018-07-25 20:09 - 004383232 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1807.1991.0_x64__8wekyb3d8bbwe\OneConnect.dll
2018-08-03 19:11 - 2018-08-03 19:13 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-08-03 19:11 - 2018-08-03 19:13 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-08-12 09:30 - 2018-08-12 09:32 - 035124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-08-12 09:30 - 2018-08-12 09:31 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-12 09:30 - 2018-08-12 09:30 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 22:12 - 2017-09-26 22:20 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-12 09:30 - 2018-08-12 09:31 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-24 14:51 - 2018-05-24 14:51 - 027470488 _____ () C:\Users\Jakub\AppData\Roaming\ICQ\bin\icq.exe
2017-06-09 22:01 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-05-06 19:03 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2018-08-09 19:40 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-09 19:40 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2015-12-14 16:28 - 2015-12-14 16:28 - 000078808 _____ () C:\Program Files\Lenovo\iMController\AutoUpdate.exe
2015-12-14 16:28 - 2015-12-14 16:28 - 000020952 _____ () C:\Program Files\Lenovo\iMController\LegacyFeatures.exe
2015-12-14 16:28 - 2015-12-14 16:28 - 000026584 _____ () C:\Program Files\Lenovo\iMController\PluginCommunication.exe
2017-11-22 20:48 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\3556libfoxloader.dll
2018-05-24 14:51 - 2018-05-24 14:51 - 004759704 _____ () C:\Users\Jakub\AppData\Roaming\ICQ\bin\corelib.dll
2018-05-03 11:03 - 2018-05-03 11:03 - 001184256 _____ () C:\Users\Jakub\AppData\Local\Facebook\Games\CefSharp.Core.dll
2018-05-03 11:03 - 2018-05-03 11:03 - 071641088 _____ () C:\Users\Jakub\AppData\Local\Facebook\Games\libcef.dll
2017-05-06 19:03 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-03-06 08:16 - 2018-03-06 08:16 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-06-25 18:32 - 2018-06-25 18:32 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-06-25 18:32 - 2018-06-25 18:32 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-05-03 11:03 - 2018-05-03 11:03 - 000774656 _____ () C:\Users\Jakub\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2018-05-03 11:03 - 2018-05-03 11:03 - 003149824 _____ () C:\Users\Jakub\AppData\Local\Facebook\Games\libglesv2.dll
2018-05-03 11:03 - 2018-05-03 11:03 - 000078848 _____ () C:\Users\Jakub\AppData\Local\Facebook\Games\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-08-20 22:14 - 000000864 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{346D2489-E615-47A9-9D75-A857CE94E647}] => (Allow) C:\Program Files (x86)\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [{A17F1E89-872C-4E68-968B-5854E29202D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe
FirewallRules: [{7D8FB79B-1965-4D17-BEB7-69CDA279ED51}] => (Allow) C:\Program Files (x86)\Ubisoft\Prince of Persia\Prince of Persia.exe
FirewallRules: [{5DBEB047-5C60-4026-9E22-A007460D18BA}] => (Allow) C:\Program Files (x86)\Ubisoft\Prince of Persia\Prince of Persia.exe
FirewallRules: [{22F355DF-16B8-42B8-91BF-43E5771C4C97}] => (Allow) C:\Program Files\HP\HP DeskJet 5570 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{ED7D97FD-AB83-44C7-A41B-3BCBFCE45C24}] => (Allow) LPort=5357
FirewallRules: [{40EBEC92-0620-4A15-A007-C99517ECFE2B}] => (Allow) C:\Program Files\HP\HP DeskJet 5570 series\Bin\DeviceSetup.exe
FirewallRules: [{9D3414E0-9BDE-4305-9EF5-895285A31353}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{64E6FCE3-44BF-4B23-9548-697909337A5E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{585CED4C-2946-4207-8B29-C2E1357478B1}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{B532A0AC-466B-4E20-B2FA-B9A75BB8E767}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [UDP Query User{363F4D0F-DC96-4CC8-A5FB-404819185BAE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{4EBAEFEC-BEE9-43B4-B7C9-2722DE3B73A5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6EF5DA4C-2CD0-4280-97AA-5E5CB634138C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3AD1B9DE-57FA-4D79-8701-6488D08E4834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{89B0791B-2B58-42C4-B838-F9E26C7B92DA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8743840A-9B70-4A7C-A00E-628020004277}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7B34885C-9A45-4593-875C-1FC7BDDADADA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{ADF0EFBD-D4CB-48C4-B66C-998AA65ABB50}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{BEC25F80-A1E5-4732-8B8D-5D6E2F111651}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{843A16D7-0111-4A06-9743-46B816E0BAEB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6FC1B24F-F575-4765-B6CD-DEF896CC1DB0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{3B4A5990-F549-460C-B05F-1481504F0166}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{08927969-0004-4379-A4C6-70E98B0D38DA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{BA38858F-CBCD-4F69-8768-86106A9F6EDF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{50CA30E4-A8D3-4500-B7A7-009A903CCC20}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{692808DA-30D2-44C0-9B0E-E2981DBD21C0}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{58D20969-0970-43F5-8F63-C1F13A883369}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BA776DAB-30A1-4B66-803D-B2B3512019B4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{76ADB75E-7710-438D-BE1C-12218094CB48}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{1FC11FC7-1893-4BC0-8966-764ECFC5AB1B}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{DC721094-FE22-49F7-A952-82D0909DFAA8}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [TCP Query User{F33B6802-D97F-4D62-8B01-9BD643EC6F36}C:\program files (x86)\dop3sim\dop3server.exe] => (Block) C:\program files (x86)\dop3sim\dop3server.exe
FirewallRules: [UDP Query User{B2D5AF6D-4514-491A-8DA1-57D94B4405E9}C:\program files (x86)\dop3sim\dop3server.exe] => (Block) C:\program files (x86)\dop3sim\dop3server.exe
FirewallRules: [{DEA2A610-25B0-4969-BDE9-AC18EADCD4AD}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{B156E144-3E7A-4C8C-8031-D74037FC7640}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{D415F4DF-9486-483E-94B2-AFA890BA1C66}] => (Allow) LPort=26675
FirewallRules: [{9DA757C0-A9F2-49E2-A956-BCEF92D70476}] => (Allow) C:\Program Files (x86)\Ubisoft\The Settlers 7 - CESTA KE KORUNĚ\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{5CD91318-3B94-4D05-8666-A12ED90356B3}] => (Allow) C:\Program Files (x86)\Ubisoft\The Settlers 7 - CESTA KE KORUNĚ\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{C5AF4196-E9E3-4F28-B53C-9E613697EB93}] => (Allow) c:\program files\opera\54.0.2952.60\opera.exe
FirewallRules: [{CDFA6CE4-D1BC-4637-B11F-B940E83EE6B1}] => (Allow) c:\program files\opera\54.0.2952.64\opera.exe
FirewallRules: [{D4EA61B3-42BE-4AA1-91B0-58E08EB94752}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{888DB2F0-204E-4AAC-A891-15FE4E35D116}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{66756497-AB89-4099-8B0D-D86D2C703235}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C5452E18-2A51-4D93-A683-1B3DCFE1FBA9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

04-08-2018 09:09:46 Naplánovaný kontrolní bod
06-08-2018 18:47:40 Instalační služba modulů systému Windows
07-08-2018 20:46:56 Instalační služba modulů systému Windows
09-08-2018 19:38:32 Instalační služba modulů systému Windows
12-08-2018 10:46:46 Instalační služba modulů systému Windows
17-08-2018 21:56:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/27/2018 06:42:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: cnext.exe, verze: 10.1.1.1522, časové razítko: 0x565bcb13
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x1d7c
Čas spuštění chybující aplikace: 0x01d43e24452e5f51
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\cnext.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 59e8c4ca-1384-44f4-a4d9-f3c905c0ebe0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/27/2018 06:40:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/27/2018 06:37:35 PM) (Source: ESENT) (EventID: 447) (User: )
Description: Catalog Database (3348,D,27) Catalog Database: V B-stromu (ObjectId: 9, PgnoRoot: 35) v databázi C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb (8248 => 2510, 9) se zjistil špatný odkaz na stránku (chyba: -327).

Error: (08/27/2018 06:37:31 PM) (Source: ESENT) (EventID: 544) (User: )
Description: Catalog Database (3348,D,27) Catalog Database: Ověření načtení stránky databáze ze souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb na posunu 36626432 (0x00000000022ee000) (stránka databáze 8941 (0x22ED)) o 4096 (0x00001000) bajtů se nepovedlo. Došlo k neshodě časových razítek detekce zachovaného ztraceného vyprázdnění. Operace čtení se nepodaří a dojde k chybě -1119 (0xfffffba1).

Stav vyprázdnění stránky databáze 8941 (0x22ED) byl 1, zatímco stav vyprázdnění na stránce mapy vyprázdnění 0 (0x0) byl 3.
Pokud s tím budou dál problémy, obnovte databázi z předchozí zálohy. Příčinou tohoto problému je pravděpodobně vadný hardware. O další pomoc s diagnostikováním problému požádejte dodavatele hardwaru.

Error: (08/27/2018 06:37:30 PM) (Source: ESENT) (EventID: 544) (User: )
Description: Catalog Database (3348,D,27) Catalog Database: Ověření načtení stránky databáze ze souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb na posunu 28475392 (0x0000000001b28000) (stránka databáze 6951 (0x1B27)) o 4096 (0x00001000) bajtů se nepovedlo. Došlo k neshodě časových razítek detekce zachovaného ztraceného vyprázdnění. Operace čtení se nepodaří a dojde k chybě -1119 (0xfffffba1).

Stav vyprázdnění stránky databáze 6951 (0x1B27) byl 3, zatímco stav vyprázdnění na stránce mapy vyprázdnění 0 (0x0) byl 2.
Pokud s tím budou dál problémy, obnovte databázi z předchozí zálohy. Příčinou tohoto problému je pravděpodobně vadný hardware. O další pomoc s diagnostikováním problému požádejte dodavatele hardwaru.

Error: (08/27/2018 06:34:37 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (08/27/2018 08:09:54 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (08/27/2018 07:41:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (08/27/2018 06:40:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/27/2018 06:38:09 PM) (Source: DCOM) (EventID: 10016) (User: BG-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Bg-PC\Jakub (SID: S-1-5-21-4127452271-195137932-3024611630-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/27/2018 06:37:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/27/2018 06:37:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/27/2018 06:36:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/27/2018 06:34:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/27/2018 06:33:34 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Soubor s výpisem paměti se nepodařilo vytvořit kvůli chybě při vytváření výpisu paměti.

Error: (08/27/2018 06:33:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:30:56, ‎27.‎08.‎2018) bylo neočekávané.


Windows Defender:
===================================
Date: 2018-08-12 20:54:21.597
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {AA99BF82-C65F-4B9D-BEC6-DE07AD0D5A32}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: Bg-PC\Jakub

Date: 2018-08-12 20:41:23.689
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Fuerboos.E!cl
ID: 2147723656
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\IEcache.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Bg-PC\Jakub
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze podpisu: AV: 1.273.1264.0, AS: 1.273.1264.0, NIS: 1.273.1264.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-08-12 20:40:03.602
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Fuerboos.E!cl
ID: 2147723656
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\IEcache.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Bg-PC\Jakub
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze podpisu: AV: 1.273.1264.0, AS: 1.273.1264.0, NIS: 1.273.1264.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-08-12 20:39:37.314
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Fuerboos.E!cl
ID: 2147723656
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\IEcache.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Bg-PC\Jakub
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze podpisu: AV: 1.273.1264.0, AS: 1.273.1264.0, NIS: 1.273.1264.0
Verze modulu: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-08-07 20:11:44.203
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8D438E67-8A6C-4779-BD02-F702EC950D4D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-31 20:50:36.083
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.514.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-07-31 20:50:36.082
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.514.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-07-31 20:50:36.082
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.514.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-07-31 20:50:36.071
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.514.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-07-31 20:50:36.071
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.514.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 8104.27 MB
Available physical RAM: 4357.44 MB
Total Virtual: 9640.27 MB
Available Virtual: 5973.67 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:303.76 GB) (Free:129.52 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:20 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:586.04 GB) (Free:398.62 GB) NTFS

\\?\Volume{c198d4a4-eb2d-4532-b821-e163bf2e85a5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.62 GB) NTFS
\\?\Volume{36c42abc-3084-4288-ac15-692402ad4cf3}\ (PBR_DRV) (Fixed) (Total:14.38 GB) (Free:4.28 GB) NTFS
\\?\Volume{dceb4b4b-3928-4ada-b6ff-94f295ae9de7}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 452C2A5D)

Partition: GPT.

==================== End of Addition.txt ============================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  VirusTotal: C:\Windows\System32\mshta.exe
  VirusTotal: C:\Windows\IEcache.exe
  File: C:\Windows\System32\mshta.exe
  File: C:\Windows\IEcache.exe
  File: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
  File: C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe 
  File: C:\Program Files\Intel\iCLS Client\HeciServer.exe
  File: C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
  CMD: move "C:\Users\Jakub\lll.txt" "C:\Users\Jakub\Documents"
  
  HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
  HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
  HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
  HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
  CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
  CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
  CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
  CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
  CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
  CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
  CHR HKLM-x32\...\Chrome\Extension: [iphahelpmejkbidhiecfeicblienleon] - hxxps://clients2.google.com/service/update2/crx
  2018-08-20 22:14 - 2018-08-21 23:24 - 000000000 ____D C:\Program Files\trend micro
  2018-08-20 22:14 - 2018-08-20 22:14 - 001222144 _____ C:\Users\Jakub\Downloads\RSITx64.exe
  2018-08-20 22:14 - 2018-08-20 22:14 - 000000000 ____D C:\rsit
  2017-05-06 19:10 - 2017-05-06 19:10 - 000000000 _____ () C:\Users\Jakub\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
  
  HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\ChromeHTML: ->  <==== ATTENTION
  ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  Task: {210C043A-3D8B-453B-A540-C9C689B79384} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
  Task: {26CBC4A4-7201-4EAB-8C54-0DC27C78D044} - \SystemSettings -> No File <==== ATTENTION
  Task: {4A665310-93D0-4CB1-B677-E3721D857D4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
  Task: {6A777722-9BED-4804-8368-AF33FBDBA461} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
  Task: {744B31FB-6881-44AD-8A24-AB258C6532C8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  Task: {7F5EEF87-EF3D-4E7F-92B9-2E7DB775BC84} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
  Task: {7FB2AEC1-8B88-435A-8705-45FF2CD8B937} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
  Task: {85688563-A8DF-4125-B0ED-F850C3653642} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
  Task: {9DAC891B-51C9-480F-93D5-3B79C26452D9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
  Task: {BE684004-7638-48EE-8E38-BBD39EC7CEB8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Biggest]

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Jakub (27-08-2018 19:40:21) Run:1
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub & svatba)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\Windows\System32\mshta.exe
VirusTotal: C:\Windows\IEcache.exe
File: C:\Windows\System32\mshta.exe
File: C:\Windows\IEcache.exe
File: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File: C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
File: C:\Program Files\Intel\iCLS Client\HeciServer.exe
File: C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
CMD: move "C:\Users\Jakub\lll.txt" "C:\Users\Jakub\Documents"

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iphahelpmejkbidhiecfeicblienleon] - hxxps://clients2.google.com/service/update2/crx
2018-08-20 22:14 - 2018-08-21 23:24 - 000000000 ____D C:\Program Files\trend micro
2018-08-20 22:14 - 2018-08-20 22:14 - 001222144 _____ C:\Users\Jakub\Downloads\RSITx64.exe
2018-08-20 22:14 - 2018-08-20 22:14 - 000000000 ____D C:\rsit
2017-05-06 19:10 - 2017-05-06 19:10 - 000000000 _____ () C:\Users\Jakub\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt

HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {210C043A-3D8B-453B-A540-C9C689B79384} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {26CBC4A4-7201-4EAB-8C54-0DC27C78D044} - \SystemSettings -> No File <==== ATTENTION
Task: {4A665310-93D0-4CB1-B677-E3721D857D4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6A777722-9BED-4804-8368-AF33FBDBA461} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {744B31FB-6881-44AD-8A24-AB258C6532C8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7F5EEF87-EF3D-4E7F-92B9-2E7DB775BC84} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {7FB2AEC1-8B88-435A-8705-45FF2CD8B937} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {85688563-A8DF-4125-B0ED-F850C3653642} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9DAC891B-51C9-480F-93D5-3B79C26452D9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BE684004-7638-48EE-8E38-BBD39EC7CEB8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 13206
Average :
Sum : 2899615580
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

VirusTotal: C:\Windows\System32\mshta.exe => https://www.virustotal.com/file/64e7a25 ... 533662895/
"VirusTotal: C:\Windows\IEcache.exe" => not found

========================= File: C:\Windows\System32\mshta.exe ========================

C:\Windows\System32\mshta.exe
File is digitally signed
MD5: 197FC97C6A843BEBB445C1D9C58DCBDB
Creation and modification date: 2018-04-12 01:33 - 2018-04-12 01:33
Size: 000014848
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: MSHTA.EXE
Original Name: MSHTA.EXE
Product: Internet Explorer
Description: Microsoft (R) HTML Application host
File Version: 11.00.17134.1 (WinBuild.160101.0800)
Product Version: 11.00.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/64e7a25 ... 533662895/

====== End of File: ======


========================= File: C:\Windows\IEcache.exe ========================

"C:\Windows\IEcache.exe" => not found
====== End of File: ======


========================= File: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe ========================

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File is digitally signed
MD5: 95000560239032BC68B4C2FDFCDEF913
Creation and modification date: 2018-04-12 01:35 - 2018-04-12 01:35
Size: 000447488
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: POWERSHELL
Original Name: PowerShell.EXE
Product: Microsoft® Windows® Operating System
Description: Windows PowerShell
File Version: 10.0.17134.1 (WinBuild.160101.0800)
Product Version: 10.0.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/d3f8fad ... 535354058/

====== End of File: ======


========================= File: C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe ========================

C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
File not signed
MD5: BEE9FD66BC285BAC23407255EDEB7C06
Creation and modification date: 2015-11-29 23:07 - 2015-11-29 23:07
Size: 000138752
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/dfd0ee3 ... 526409202/

====== End of File: ======


========================= File: C:\Program Files\Intel\iCLS Client\HeciServer.exe ========================

C:\Program Files\Intel\iCLS Client\HeciServer.exe
File not signed
MD5: 0DB1E3F6189C628675F855C0EB510419
Creation and modification date: 2013-05-12 03:45 - 2013-05-12 03:45
Size: 000733696
Attributes: ----A
Company Name: Intel(R) Corporation
Internal Name: HeciServer
Original Name: HeciServer.exe
Product: Intel(R) Capability Licensing Service Interface
Description: Intel(R) Capability Licensing Service Interface
File Version: 1.28.487.1 sys_sysscbld
Product Version: 1,28,487,1
Copyright: (C) Copyright Intel(R) Corporation
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ========================

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
File not signed
MD5: 86B8B1F5C1189D68B07666784BE882FE
Creation and modification date: 2013-09-07 11:27 - 2013-09-07 11:27
Size: 000323584
Attributes: ----A
Company Name: Atheros
Internal Name: Coex Agent
Original Name: Ath_CoexAgent.exe
Product: Ath_Coex Application
Description: Atheros Coex Service Application
File Version: 8.0.0.270
Product Version: 8.0.0.270
Copyright: Copyright (C) 2009
VirusTotal: 0

====== End of File: ======


========= move "C:\Users\Jakub\lll.txt" "C:\Users\Jakub\Documents" =========

1 file(s) moved.

========= End of CMD: =========

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => removed successfully
"HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => removed successfully
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"Chrome NewTab" => removed successfully
"HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig" => removed successfully
"HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd" => removed successfully
"HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iphahelpmejkbidhiecfeicblienleon" => removed successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Jakub\Downloads\RSITx64.exe => moved successfully
C:\rsit => moved successfully
C:\Users\Jakub\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt => moved successfully
"HKU\S-1-5-21-4127452271-195137932-3024611630-1001_Classes\ChromeHTML" => removed successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE" => removed successfully
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{210C043A-3D8B-453B-A540-C9C689B79384}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{210C043A-3D8B-453B-A540-C9C689B79384}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{26CBC4A4-7201-4EAB-8C54-0DC27C78D044}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26CBC4A4-7201-4EAB-8C54-0DC27C78D044}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemSettings" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A665310-93D0-4CB1-B677-E3721D857D4D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A665310-93D0-4CB1-B677-E3721D857D4D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A777722-9BED-4804-8368-AF33FBDBA461}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A777722-9BED-4804-8368-AF33FBDBA461}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{744B31FB-6881-44AD-8A24-AB258C6532C8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{744B31FB-6881-44AD-8A24-AB258C6532C8}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F5EEF87-EF3D-4E7F-92B9-2E7DB775BC84}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F5EEF87-EF3D-4E7F-92B9-2E7DB775BC84}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FB2AEC1-8B88-435A-8705-45FF2CD8B937}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB2AEC1-8B88-435A-8705-45FF2CD8B937}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85688563-A8DF-4125-B0ED-F850C3653642}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85688563-A8DF-4125-B0ED-F850C3653642}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DAC891B-51C9-480F-93D5-3B79C26452D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DAC891B-51C9-480F-93D5-3B79C26452D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE684004-7638-48EE-8E38-BBD39EC7CEB8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE684004-7638-48EE-8E38-BBD39EC7CEB8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 127869685 B
Java, Flash, Steam htmlcache => 1274 B
Windows/system/drivers => 2468276 B
Edge => 2567464 B
Chrome => 584892243 B
Firefox => 41423447 B
Opera => 376429121 B

Temp, IE cache, history, cookies, recent:
Default => 13748 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 29292 B
LocalService => 0 B
NetworkService => 63524 B
NetworkService => 0 B
Jakub => 44912665 B
svatba => 43654 B

RecycleBin => 11641 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:43:47 ====

[Conder]

Nastala nejaka zmena?

Otazka, tento program tam chces mat?

Ak nepouzivas, odorucam odinstalovat Seznam Software (Seznam Listicka).

[Biggest]

Lišk(t)u jsem odinstaloval a co se problému týče, zdá se, že je klid.
Děkuji

[Conder]

Tak upraceme este po Seznam liste.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  C:\Program Files (x86)\Seznam.cz
  C:\Users\Jakub\AppData\Roaming\Seznam.cz
  
  HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
  HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
  CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
  CHR Extension: (Seznam doplněk - Esko) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-05]
  C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
  CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
  CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
  CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
  CHR HKLM-x32\...\Chrome\Extension: [iphahelpmejkbidhiecfeicblienleon] - hxxps://clients2.google.com/service/update2/crx
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Biggest]

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Jakub (28-08-2018 21:56:41) Run:2
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub & svatba)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\Seznam.cz
C:\Users\Jakub\AppData\Roaming\Seznam.cz

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Extension: (Seznam dopln�k - Esko) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-05]
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iphahelpmejkbidhiecfeicblienleon] - hxxps://clients2.google.com/service/update2/crx

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
C:\Program Files (x86)\Seznam.cz => moved successfully
"C:\Users\Jakub\AppData\Roaming\Seznam.cz" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => not found
"HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => not found
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"Chrome NewTab" => removed successfully
CHR Extension: (Seznam dopln�k - Esko) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-05] => Error: No automatic fix found for this entry.
"C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak" => not found
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => not found
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd => not found
HKU\S-1-5-21-4127452271-195137932-3024611630-1001\SOFTWARE\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iphahelpmejkbidhiecfeicblienleon => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12784823 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 368097 B
Edge => 0 B
Chrome => 396008690 B
Firefox => 71927274 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1806 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Jakub => 31362889 B
svatba => 0 B

RecycleBin => 4009910 B
EmptyTemp: => 502.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:58:27 ====

[Conder]

Vyzera to uz OK. Ak uz teda nie su ziadne problemy, tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

Plocha ma skoro 3 GB. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

[Biggest]

Děkuji ještě jednou. Plocha uklizena

[Conder]

Nie je zaco, rad som pomohol