VIRY.CZ

Dobry den,
prosim o kontrolu logu.
Dekuji


Logfile of random's system information tool 1.16 (written by random/random)
Run by stoupa101 at 2017-08-25 17:26:34
Microsoft Windows 10 Home
System drive C: has 12 GB (5%) free of 236 GB
Total RAM: 16289 MB (67% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:27:08, on 25.08.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\stoupa101\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\stoupa101\AppData\Local\Viber\Viber.exe
C:\Users\stoupa101\AppData\Roaming\uTorrent\utorrent.exe
C:\Users\stoupa101\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\stoupa101\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
C:\Users\stoupa101\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe
C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Git\bin\sh.exe
C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\stoupa101_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Invincea Web Redirector - {1C52FA7C-51B7-4621-9D5A-11101BA13134} - C:\Program Files (x86)\Invincea\Enterprise\InvRedirHostIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_ADF39C3253FCD0951CADB08AD48F1E6A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\stoupa101\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Viber] "C:\Users\stoupa101\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [uTorrent] "C:\Users\stoupa101\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [ownCloud] C:\Program Files (x86)\ownCloud\owncloud.exe
O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
O4 - HKCU\..\Run: [LINE] "C:\Users\stoupa101\AppData\Local\LINE\bin\LineLauncher.exe" --booting
O4 - HKCU\..\Run: [OPENVPN-GUI] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\stoupa101\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [Spotify] C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Synology Cloud Station.lnk = C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem65.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\DellTPad\HidMonitorSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dell Command | Power Manager Notify (dcpm-notify) - Dell Inc. - C:\Program Files\Dell\CommandPowerManager\NotifyService.exe
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Management Agent Service (DellMgmtAgent) - Dell Inc. - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
O23 - Service: Dell Security Framework Loader (DellMgmtLoader) - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
O23 - Service: DELL Security Framework Local Server (DellMgmtServer) - Dell, Inc. - C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dell Data Protection Security Tools Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem28.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\WINDOWS\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Invincea Service (InvProtectSvc) - Invincea, Inc. - C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\WINDOWS\System32\drivers\o2flash.exe (file missing)
O23 - Service: OpenVpnService - - C:\Program Files\OpenVPN\bin\openvpnserv2.exe
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: OpenVPN Legacy Service (OpenVPNServiceLegacy) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SboxSvc - Invincea, Inc. - C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
O23 - Service: SDIOAssist - Unknown owner - C:\Windows\System32\SDIOAssist.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Intel(R) Common Connectivity Framework (STCServ) - Intel Corporation - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: wampapache64 - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.18\bin\httpd.exe
O23 - Service: wampmysqld64 - Unknown owner - c:\wamp\bin\mysql\mysql5.6.29\bin\mysqld.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16643 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k networkservice -s TermService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s bthserv
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-669d1869-934f-4b45-837d-3cfcacaa82fd -SystemEventPortName:HostProcess-03f5235d-caec-41d3-8056-d6ca1635ac52 -IoCancelEventPortName:HostProcess-5ec5f6aa-412c-4056-993e-f055f75c035a -NonStateChangingEventPortName:HostProcess-13cefa20-ce9e-4139-9aaa-5204bc32a6df -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f6b3847d-c4ce-4ef4-b72c-b3f872f18b24 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-62141773-cab1-401a-be4f-bf4707765b76 -SystemEventPortName:HostProcess-6c359b68-9629-4e85-bbc2-a467dec08a98 -IoCancelEventPortName:HostProcess-346d2d38-fa88-479d-9d49-8c9c1c2d0d6c -NonStateChangingEventPortName:HostProcess-f09fd8bc-1a6d-48a9-bb4c-26e24320490b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a9dc14f3-e86d-4b58-88e6-b221564cc776 -DeviceGroupId:
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bbd6de5c-205d-4d81-ac6c-a6df4b21218a -SystemEventPortName:HostProcess-b63b4461-0faa-49a0-bee3-c20910eafb07 -IoCancelEventPortName:HostProcess-33aaaee0-2fac-41bf-8a67-dd644010d58f -NonStateChangingEventPortName:HostProcess-b88f97d7-b984-4d5e-963e-6329a8268400 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:596e8a11-85a2-420f-8f71-7b045290b07b -DeviceGroupId:
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SCardSvr
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k netsvcs -s SessionEnv
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\AUDIODG.EXE 0x46c
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 1935586866528
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
c:\windows\system32\svchost.exe -k wbiosvcgroup -s WbioSrvc
"C:\Program Files\DellTPad\HidMonitorSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe"
"C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\WINDOWS\system32\ibtsiva.exe
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
C:\WINDOWS\System32\drivers\o2flash.exe
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\WINDOWS\system32\IProsetMonitor.exe
"c:\program files\openvpn\bin\openvpnserv.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\System32\SDIOAssist.exe
"C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe"
"C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DPCardEngine.exe"
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NgcSvc
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
"C:\Program Files\DellTPad\Apoint.exe"
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
"C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DPAgent.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
C:\Program Files\DellTPad\Apntex.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\TortoiseSVN\bin\TSVNCache.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe" showtraymin
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" /s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
"C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
"C:\Users\stoupa101\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\stoupa101\AppData\Local\Viber\Viber.exe" StartMinimized
C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
"C:\Users\stoupa101\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED
c:\windows\system32\svchost.exe -k netsvcs -s BITS
"C:\Program Files\OpenVPN\bin\openvpn-gui.exe
"C:\Users\stoupa101\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe" --autostart --minimized
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Users\stoupa101\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe" uTorrent_7476_00AFF150_760622058 µTorrent4823DF041B09 uTorrent
"C:\Users\stoupa101\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe" uTorrent_7476_00AFF1E8_143234887 µTorrent4823DF041B09 uTorrent
C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 "--database=C:\Users\stoupa101\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\stoupa101\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443 --annotation=channel= --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.0.60.492 --initial-client-data=0x588,0x58c,0x590,0x584,0x594,0x62be8214,0x62be8224,0x62be8234
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --no-sandbox --disable-d3d11 --lang=en-US --log-file="C:\Users\stoupa101\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.60.492 --app-protocol-secure --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4531 --gpu-driver-date=9-29-2016 --lang=en-US --log-file="C:\Users\stoupa101\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.60.492 --app-protocol-secure --service-request-channel-token=3D0F62FD29783710D6A2B648BA218F65 --mojo-platform-channel-handle=1716 /prefetch:2
"C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --disable-pinch --no-sandbox --primordial-pipe-token=9302C45359052F5FB9A23D10763CB58B --lang=en-US --lang=en-US --log-file="C:\Users\stoupa101\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.60.492 --disable-spell-checking --app-protocol-secure --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=9302C45359052F5FB9A23D10763CB58B --renderer-client-id=3 --mojo-platform-channel-handle=3028 /prefetch:1
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe"
"C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe"
"C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe"
"C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=60.0.3112.101 --initial-client-data=0x1dc,0x1e0,0x1e4,0x1d8,0x1e8,0x7ffee8a829c0,0x7ffee8a829d8,0x7ffee8a829e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=13284 --on-initialized-event-handle=636 --parent-handle=640 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,20,24,26,43,64,77 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4531 --gpu-driver-date=9-29-2016 --service-request-channel-token=82FDA2A863BC18746A88E659B6D4B1F4 --mojo-platform-channel-handle=1636 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=2A903187C570725D65BD8E85FF076D46 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=2A903187C570725D65BD8E85FF076D46 --renderer-client-id=4 --mojo-platform-channel-handle=3784 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=C4F1495A18C12AC2286E31701E1B1C0D --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=C4F1495A18C12AC2286E31701E1B1C0D --renderer-client-id=5 --mojo-platform-channel-handle=3812 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=988732370251C8B79D044DD5B39C1F81 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=988732370251C8B79D044DD5B39C1F81 --renderer-client-id=6 --mojo-platform-channel-handle=3944 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=CC6936F5D3136CD0B7C286BFCDB7E0D5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=CC6936F5D3136CD0B7C286BFCDB7E0D5 --renderer-client-id=9 --mojo-platform-channel-handle=4072 /prefetch:1
"C:\Program Files\Altap Salamander\salamand.exe"
"C:\Program Files\Altap Salamander\utils\salmon.exe" "Salmon280" "czech.slg"
"C:\Program Files\MPC-HC\mpc-hc64.exe" "C:\Users\stoupa101\Downloads\_WATCH\Preacher.S02E10.HDTV.x264-SVA.mkv"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=CA2707C3D0912F1E670D6D052657B9EE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=CA2707C3D0912F1E670D6D052657B9EE --renderer-client-id=12 --mojo-platform-channel-handle=6656 /prefetch:1
"C:\Program Files (x86)\Git\bin\sh.exe" --login -i
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\PSPad editor\PSPad.exe" "build.xml"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
"C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\App\sqldeveloper4_2_0\sqldeveloper\bin\sqldeveloper64W.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=A5C3E0E5FFBEFA7A57904A4D59575CE5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=A5C3E0E5FFBEFA7A57904A4D59575CE5 --renderer-client-id=14 --mojo-platform-channel-handle=5544 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=BC5115188A059304266702B3AAD5E104 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=BC5115188A059304266702B3AAD5E104 --renderer-client-id=18 --mojo-platform-channel-handle=4472 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=3A392A37C9B9C687EBFE927FC7D8C3AC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=3A392A37C9B9C687EBFE927FC7D8C3AC --renderer-client-id=22 --mojo-platform-channel-handle=8088 /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=6B8AC8BC521D77915519667EFBC16079 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=6B8AC8BC521D77915519667EFBC16079 --renderer-client-id=28 --mojo-platform-channel-handle=8484 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=13A40E1DDB41EBA74BEA7BE8A5A0C008 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=13A40E1DDB41EBA74BEA7BE8A5A0C008 --renderer-client-id=32 --mojo-platform-channel-handle=8660 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1536,14149646838868881734,10350626243630444508,131072 --service-pipe-token=F1D7FC81DE91D40C4791ACF59127C69C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.5 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=F1D7FC81DE91D40C4791ACF59127C69C --renderer-client-id=34 --mojo-platform-channel-handle=7704 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
"C:\Users\stoupa101\Downloads\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\WINDOWS\tasks\RunDFS.job - cmd /c sc start "Dell Foundation Services"
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\Dell SupportAssistAgent AnonymousRegistration - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe AnonymousRegistration
C:\WINDOWS\system32\tasks\Dell SupportAssistAgent AutoUpdate - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe AutoUpdate
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\IntelBootstrapCCDashExe - C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe /tasktrayonly
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-1044220912-1926083053-1571816506-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\PCDDataUploadTask - "uaclauncher.exe" -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait
C:\WINDOWS\system32\tasks\PCDEventLauncherTask - "C:\Program Files\Dell\SupportAssist\sessionchecker.exe"
C:\WINDOWS\system32\tasks\PCDoctorBackgroundMonitorTask - "C:\Program Files\Dell\SupportAssist\uaclauncher.exe" -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\WINDOWS\system32\tasks\RtHDVBg_PushButton - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\WINDOWS\system32\tasks\SystemToolsDailyTest - "uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Subsystem for Linux\AptPackageIndexUpdate - %windir%\System32\LxRun.exe /update
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - %systemroot%\system32\usoclient.exe ScanInstallWait
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunCampaignManager - %windir%\System32\UNP\UNPCampaignManager.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Dell\Command Update - "C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe" -auto
C:\WINDOWS\system32\tasks\Dell\Dell Product Registration - C:\Program Files (x86)\Dell Product Registration\prodreg.exe /boot /LSRC=autolaunch
C:\WINDOWS\system32\tasks\Dell\Dell Product Registration Update - C:\Program Files (x86)\Dell Product Registration\prodreg.exe /updatecheck /LSRC=autolaunch
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task

=========Mozilla firefox=========

ProfilePath - C:\Users\stoupa101\AppData\Roaming\Mozilla\Firefox\Profiles\4jltx1yr.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\components\npChromeDPAgent.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Users\stoupa101\AppData\Roaming\Mozilla\Firefox\Profiles\4jltx1yr.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Users\stoupa101\AppData\Roaming\Mozilla\Firefox\Profiles\4jltx1yr.default\extensions.json
Multi-process staged rollout - extension - e10srollout@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Web Compat - extension - webcompat@mozilla.org -
Application Update Service Helper - extension - aushelper@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Click-to-Play staged rollout - extension - clicktoplay-rollout@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -
Dell Data Protection | Security Tools - extension - dpmaxz_ng@jetpack -
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -

C:\Users\stoupa101\AppData\Roaming\Mozilla\Firefox\Profiles\4jltx1yr.default\pluginreg.dat
Plugin - Shockwave Flash - 26.0.0.151 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll

=========Google Chrome=========

C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aaephdgbinagkeepamlbkhkfbiaedabm 1 QR kód 1.5
Extension aapocclcgogkmnckokdopfmhonfmgoek 0 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 0 Dokumenty Google 0.9
Extension apboafhkiegglekeafbckfjldecefkhn 1 Lucidchart Diagramy - On-line 21.2.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension beobeededemalmllhkmnkinmfembdimh 1 TV 1.0.12
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bjhnfghnbhfjhoiiaoibdhfnfpicfknh 0 Downloads 0.9
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension bnbbfjbeaefgipfjpdabmpadaacmafkj
Extension chcaflnbhnoegjedbjaamecefhglfamc 0 Star Legends 2.0.0.1
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension dcjeclnkejmbepoibfnamioojinoopln 1 AutoCAD 360 2.0
Extension dnhpdliibojhegemfjheidglijccjfmc 1 hotword helper 0.0.2.0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ejnkaeblpdcamcioiiabclakabcbjmbl 1 Box 1.2.2
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension fahmaaghhglfmonjliepjlchgpgfmobi 0 Hudba Google Play 1.374.0
Extension felcaaldnbdncclmgdcncolpebgiejap 0 Tabulky Google 1.1
Extension fgdgokchhicmaiacmgegjnppjkgogdhm 1 PicMonkey 1.7
Extension fngmhnnpilhplaeedifhccceomclgfbg 0 EditThisCookie 1.4.1
Extension gdkjifoifglkpcdffkenpinlbjgephlo 1 Hodiny 1.11
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ggkljdkflooidjlkahdnfgodflkelkai
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 0 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.15.0
Extension icmaknaampgiegkcjlimdiidlhopknpk 1 Pixlr Editor 7.0.1.2
Extension ioekoebejdcmnlefjiknokhhafglcjdl 1 Dropbox 3.2.0
Extension kejpkobjpcojlfjehgmhjgagcgapclhk
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lccekmodgklaepjeofjdjpbminllajkg
Extension lcldcllmbokpbniijpnkpgoboadbfphb 1 Stop AutoRefresh 1.2.1
Extension ljphpjlafmmdmegmfbkacafhbegjfkkn 1 Top Eleven 2.0.0.5
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgijmajocgfcbeboacabfgobmjgjcoja 0 Google Dictionary (by Google) 4.0.8
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mijlebbfndhelmdpmllgcfadlkankhok 0 Quick Note 1.6.15
Extension nbpagnldghgfoolbancepceaanlmhfmd 1 Hotword triggering 0.0.1.4
Extension ncffjdbbodifgldkcbhmiiljfcnbgjab 2 Dell Data Protection | Security Tools 1.3.0.5842
Extension nckgahadagoaajjgafhacjanaoiihapd 1 Hangouts Google 2017.420.419.1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension onlgmecjpnejhfeofkgbfgnmdlipdejb 1 Picasa 6.2.2
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pdknckljjbdpkhgmcokoahffbdinafbo
Extension pgjchkcfmigkkhedgjedmffdepgmpfil 1 Psykopaint 1.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6017.605.1.4
Homepage: http://www.google.com/
default_search_provider.search_url:
C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab]
"Path"=C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome.crx


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={E0723127-C7CC-4175-B469-FD7CDC8F3331}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E0723127-C7CC-4175-B469-FD7CDC8F3331}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCJB


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={E0723127-C7CC-4175-B469-FD7CDC8F3331}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{E0723127-C7CC-4175-B469-FD7CDC8F3331}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCJB

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C52FA7C-51B7-4621-9D5A-11101BA13134}]
Invincea Web Redirector - C:\Program Files (x86)\Invincea\Enterprise\X64\InvRedirHostIE64.dll [2017-03-15 849544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C52FA7C-51B7-4621-9D5A-11101BA13134}]
Invincea Web Redirector - C:\Program Files (x86)\Invincea\Enterprise\InvRedirHostIE.dll [2017-03-15 799880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-26 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-26 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2016-10-20 773760]
"CSFTrayApp"=C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe [2014-09-11 232288]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-11-24 71168]
"IntelConnectCenter"=C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16 90112]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-05-27 8474880]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-27 1403800]
"WavesSvc"=C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [2015-03-01 609200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_ADF39C3253FCD0951CADB08AD48F1E6A"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-08-11 1301848]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-03-23 3019552]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31280256]
"OneDrive"=C:\Users\stoupa101\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-08-22 1674960]
"Viber"=C:\Users\stoupa101\AppData\Local\Viber\Viber.exe [2017-08-03 30867536]
"uTorrent"=C:\Users\stoupa101\AppData\Roaming\uTorrent\utorrent.exe [2017-07-01 2146496]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]
"ownCloud"=C:\Program Files (x86)\ownCloud\owncloud.exe [2017-03-21 1990144]
"BlueStacks Agent"=C:\Program Files (x86)\Bluestacks\HD-Agent.exe [2016-08-11 978456]
"LINE"=C:\Users\stoupa101\AppData\Local\LINE\bin\LineLauncher.exe [2017-04-13 617840]
"OPENVPN-GUI"=C:\Program Files\OpenVPN\bin\openvpn-gui.exe [2017-01-31 584320]
"Spotify Web Helper"=C:\Users\stoupa101\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-08-24 1580144]
"Spotify"=C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe [2017-08-24 15866480]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2015-08-14 136992]
"VolPanel"=C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe [2010-12-08 241757]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

C:\Users\stoupa101\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Synology Cloud Station.lnk - C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

====== List of files/folders created in the last 1 month ======

2017-08-24 16:36:26 ----D---- C:\Users\stoupa101\AppData\Roaming\Spotify
2017-08-15 14:52:29 ----D---- C:\WINDOWS\Panther
2017-08-09 16:03:46 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-08-09 16:03:46 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-08-09 16:03:46 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-08-09 16:03:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-08-09 16:03:46 ----A---- C:\WINDOWS\system32\tquery.dll
2017-08-09 16:03:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 16:03:45 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-08-09 16:03:45 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-08-09 16:03:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-08-09 16:03:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-08-09 16:03:43 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-08-09 16:03:42 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-08-09 16:03:41 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-08-09 16:03:41 ----A---- C:\WINDOWS\SYSWOW64\tokenbinding.dll
2017-08-09 16:03:41 ----A---- C:\WINDOWS\SYSWOW64\sscore.dll
2017-08-09 16:03:41 ----A---- C:\WINDOWS\SYSWOW64\fdeploy.dll
2017-08-09 16:03:41 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-08-09 16:03:41 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-08-09 16:03:41 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-08-09 16:03:40 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-08-09 16:03:40 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-08-09 16:03:40 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-08-09 16:03:39 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-08-09 16:03:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-08-09 16:03:37 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-08-09 16:03:36 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-08-09 16:03:36 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 16:03:36 ----A---- C:\WINDOWS\system32\drivers\lxcore.sys
2017-08-09 16:03:35 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-08-09 16:03:35 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 16:03:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-08-09 16:03:34 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-08-09 16:03:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-08-09 16:03:32 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-08-09 16:03:31 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-08-09 16:03:31 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-08-09 16:03:30 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 16:03:30 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\wer.dll
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2017-08-09 16:03:29 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-08-09 16:03:28 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-08-09 16:03:28 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-08-09 16:03:28 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 16:03:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 16:03:28 ----A---- C:\WINDOWS\system32\msIso.dll
2017-08-09 16:03:28 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-08-09 16:03:27 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 16:03:27 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 16:03:27 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-08-09 16:03:27 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-08-09 16:03:26 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 16:03:26 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 16:03:25 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-08-09 16:03:24 ----A---- C:\WINDOWS\system32\policymanager.dll
2017-08-09 16:03:24 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-08-09 16:03:24 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\werui.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\sscore.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\scksp.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\profsvcext.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\fdeploy.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 16:03:23 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\dmcsps.dll
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\coredpus.dll
2017-08-09 16:03:22 ----A---- C:\WINDOWS\system32\configmanager2.dll
2017-08-08 14:53:21 ----D---- C:\WINDOWS\SYSWOW64\SDA
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\IpNatHlpClient.dll
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2017-08-07 21:17:47 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-08-07 21:17:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-08-07 21:17:46 ----A---- C:\WINDOWS\SYSWOW64\VsGraphicsDesktopEngine.exe
2017-08-07 21:17:46 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-08-07 21:17:46 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2017-08-07 21:17:46 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-08-07 21:17:45 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-08-07 21:17:45 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-08-07 21:17:45 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-08-07 21:17:45 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-08-07 21:17:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-08-07 21:17:44 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-08-07 21:17:44 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-08-07 21:17:44 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-08-07 21:17:44 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-08-07 21:17:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-08-07 21:17:43 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-08-07 21:17:42 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-08-07 21:17:42 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-08-07 21:17:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-07 21:17:42 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-08-07 21:17:42 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-08-07 21:17:41 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-08-07 21:17:41 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-08-07 21:17:41 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-08-07 21:17:40 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-08-07 21:17:39 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-08-07 21:17:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-08-07 21:17:38 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-08-07 21:17:38 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-08-07 21:17:38 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-08-07 21:17:38 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-08-07 21:17:38 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-08-07 21:17:37 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2017-08-07 21:17:37 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2017-08-07 21:17:37 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-08-07 21:17:37 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-08-07 21:17:37 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2017-08-07 21:17:37 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2017-08-07 21:17:37 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2017-08-07 21:17:37 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2017-08-07 21:17:37 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\shlwapi.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\qasf.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\msacm32.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2017-08-07 21:17:36 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2017-08-07 21:17:36 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2017-08-07 21:17:36 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2017-08-07 21:17:36 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2017-08-07 21:17:35 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2017-08-07 21:17:35 ----A---- C:\WINDOWS\SYSWOW64\shsvcs.dll
2017-08-07 21:17:35 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2017-08-07 21:17:27 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-08-07 21:17:24 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-08-07 21:17:24 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-08-07 21:17:23 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-08-07 21:17:23 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-07 21:17:22 ----A---- C:\WINDOWS\system32\VCardParser.dll
2017-08-07 21:17:19 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-08-07 21:17:19 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-07 21:17:18 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-07 21:17:18 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-08-07 21:17:18 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2017-08-07 21:17:17 ----A---- C:\WINDOWS\system32\InputService.dll
2017-08-07 21:17:17 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-08-07 21:17:12 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-08-07 21:17:12 ----A---- C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-08-07 21:17:12 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2017-08-07 21:17:12 ----A---- C:\WINDOWS\system32\rastlsext.dll
2017-08-07 21:17:12 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-08-07 21:17:12 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-08-07 21:17:11 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-07 21:17:11 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-07 21:17:10 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-08-07 21:17:10 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-08-07 21:17:10 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-08-07 21:17:10 ----A---- C:\WINDOWS\system32\ole32.dll
2017-08-07 21:17:10 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-08-07 21:17:10 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-08-07 21:17:10 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-08-07 21:17:08 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2017-08-07 21:17:08 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-07 21:17:08 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-07 21:17:08 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-07 21:17:08 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-07 21:17:07 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\services.exe
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\hal.dll
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\dxgi.dll
2017-08-07 21:17:07 ----A---- C:\WINDOWS\system32\bcd.dll
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\officecsp.dll
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-08-07 21:17:06 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-07 21:17:05 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-07 21:17:05 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-08-07 21:17:05 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-08-07 21:17:05 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-08-07 21:17:04 ----A---- C:\WINDOWS\system32\dwmredir.dll
2017-08-07 21:17:04 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-08-07 21:17:01 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-08-07 21:17:01 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2017-08-07 21:17:00 ----A---- C:\WINDOWS\system32\twinui.dll
2017-08-07 21:17:00 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-08-07 21:17:00 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-07 21:16:59 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-07 21:16:59 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-07 21:16:59 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-07 21:16:59 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\rastls.dll
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\comdlg32.dll
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-07 21:16:58 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-07 21:16:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-08-07 21:16:57 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-08-07 21:16:57 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-08-07 21:16:57 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-08-07 21:16:57 ----A---- C:\WINDOWS\system32\FrameServer.dll
2017-08-07 21:16:57 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-08-07 21:16:56 ----A---- C:\WINDOWS\system32\shell32.dll
2017-08-07 21:16:54 ----A---- C:\WINDOWS\system32\efscore.dll
2017-08-07 21:16:54 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2017-08-07 21:16:54 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-08-07 21:16:54 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-08-07 21:16:54 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-08-07 21:16:53 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-08-07 21:16:53 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-07 21:16:53 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-07 21:16:53 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-07 21:16:53 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-08-07 21:16:52 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2017-08-07 21:16:52 ----A---- C:\WINDOWS\system32\wininit.exe
2017-08-07 21:16:52 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-07 21:16:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-07 21:16:52 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-08-07 21:16:52 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-07 21:16:52 ----A---- C:\WINDOWS\system32\lpasvc.dll
2017-08-07 21:16:52 ----A---- C:\WINDOWS\system32\autochk.exe
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\untfs.dll
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\shlwapi.dll
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\ofdeploy.exe
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\msacm32.dll
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\autofmt.exe
2017-08-07 21:16:51 ----A---- C:\WINDOWS\system32\autoconv.exe
2017-08-07 21:16:50 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\spbcd.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\shsvcs.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\qasf.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\dui70.dll
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2017-08-07 21:16:50 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2017-07-26 12:18:39 ----D---- C:\Users\stoupa101\AppData\Roaming\CDisplayEx
2017-07-26 12:18:25 ----AD---- C:\Program Files (x86)\CDisplayEx

====== List of files/folders modified in the last 1 month ======

2017-08-25 17:26:54 ----D---- C:\WINDOWS\Prefetch
2017-08-25 17:26:48 ----D---- C:\Program Files\trend micro
2017-08-25 17:26:45 ----D---- C:\Users\stoupa101\AppData\Roaming\uTorrent
2017-08-25 17:24:14 ----D---- C:\WINDOWS\system32\sru
2017-08-25 16:57:21 ----D---- C:\WINDOWS\Temp
2017-08-25 16:30:24 ----AD---- C:\WINDOWS\System32
2017-08-25 16:30:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-25 16:26:08 ----D---- C:\Users\stoupa101\AppData\Roaming\ViberPC
2017-08-25 16:24:26 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-25 16:21:07 ----D---- C:\NIX
2017-08-25 13:13:29 ----D---- C:\WINDOWS\system32\SleepStudy
2017-08-25 11:37:53 ----RD---- C:\WINDOWS\Microsoft.NET
2017-08-25 03:46:32 ----D---- C:\WINDOWS\AppReadiness
2017-08-24 06:38:55 ----HD---- C:\Program Files\WindowsApps
2017-08-23 19:26:54 ----D---- C:\WINDOWS\Registration
2017-08-22 13:07:51 ----D---- C:\WINDOWS\system32\Tasks
2017-08-21 19:18:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-21 19:18:32 ----AD---- C:\Program Files (x86)\Mozilla Thunderbird
2017-08-21 19:18:32 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-08-21 13:11:39 ----SHD---- C:\System Volume Information
2017-08-21 11:30:59 ----D---- C:\tmp
2017-08-21 09:01:17 ----D---- C:\WINDOWS\system32\config
2017-08-19 15:39:53 ----D---- C:\Film
2017-08-19 09:30:14 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-08-18 14:27:41 ----D---- C:\WINDOWS\LiveKernelReports
2017-08-15 18:48:05 ----D---- C:\WINDOWS\INF
2017-08-15 18:42:24 ----D---- C:\Windows
2017-08-15 16:15:12 ----D---- C:\WINDOWS\system32\CatRoot
2017-08-14 07:03:39 ----D---- C:\WINDOWS\system32\catroot2
2017-08-14 07:03:04 ----D---- C:\WINDOWS\rescache
2017-08-13 20:57:28 ----SHD---- C:\WINDOWS\Installer
2017-08-13 20:57:27 ----SHD---- C:\Config.Msi
2017-08-13 20:57:24 ----D---- C:\WINDOWS\system32\DriverStore
2017-08-13 20:57:24 ----D---- C:\WINDOWS\system32\drivers
2017-08-13 20:50:58 ----D---- C:\WINDOWS\system32\NDF
2017-08-10 12:23:06 ----D---- C:\WINDOWS\WinSxS
2017-08-10 00:08:26 ----D---- C:\WINDOWS\SysWOW64
2017-08-10 00:07:21 ----D---- C:\WINDOWS\system32\en-US
2017-08-10 00:07:21 ----D---- C:\WINDOWS\AppPatch
2017-08-09 16:06:17 ----D---- C:\WINDOWS\system32\MRT
2017-08-09 16:04:17 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-08-09 15:47:29 ----D---- C:\WINDOWS\CbsTemp
2017-08-09 12:42:19 ----RSD---- C:\WINDOWS\assembly
2017-08-08 23:04:06 ----D---- C:\WINDOWS\system32\Macromed
2017-08-08 23:04:03 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-08-08 16:40:54 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2017-08-08 16:40:54 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-08-08 16:40:54 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-08-08 16:40:54 ----D---- C:\WINDOWS\system32\WinMetadata
2017-08-08 16:40:54 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-08-08 16:40:54 ----D---- C:\WINDOWS\system32\oobe
2017-08-08 16:40:54 ----D---- C:\WINDOWS\system32\cs-CZ
2017-08-08 16:40:54 ----D---- C:\WINDOWS\ShellExperiences
2017-08-08 16:40:53 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-08-08 16:40:53 ----D---- C:\Program Files\Windows Photo Viewer
2017-08-08 16:40:53 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-08-08 16:40:51 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-08-08 15:53:52 ----RD---- C:\Program Files (x86)
2017-08-08 15:53:52 ----D---- C:\Program Files (x86)\Common Files
2017-08-08 15:53:04 ----RD---- C:\Program Files
2017-08-08 15:52:35 ----D---- C:\Program Files (x86)\WinStrom
2017-08-08 15:51:48 ----AD---- C:\Program Files (x86)\Opera
2017-08-08 15:51:35 ----D---- C:\Users\stoupa101\AppData\Roaming\Opera Software
2017-08-08 14:53:23 ----D---- C:\WINDOWS\system32\o2fj2
2017-07-31 17:15:09 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-07-26 14:43:27 ----D---- C:\MP3

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 CredFltL;Dell SED PBA Filter; C:\WINDOWS\system32\DRIVERS\CredFltL.sys [2014-09-11 37120]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 lxss;@%SystemRoot%\system32\drivers\lxss.sys,-100; C:\WINDOWS\system32\drivers\lxss.sys [2017-06-28 17312]
R0 PxHlpa64;PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [2013-09-03 56336]
R0 SEDFilter;Dell SED PBA Enhancement; C:\WINDOWS\system32\DRIVERS\SEDFilter.sys [2014-09-11 61184]
R1 MpKsle1ca65cc;MpKsle1ca65cc; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ED6705FE-6367-4F0C-8CD5-99ADF6B8117E}\MpKsle1ca65cc.sys [2017-08-24 44928]
R1 MpKsle22a3998;MpKsle22a3998; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ABBC683D-9627-42E2-8DA6-0AB45B648EE3}\MpKsle22a3998.sys [2017-08-25 44928]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2013-03-01 36600]
R3 ApfiltrService;@oem65.inf,%Filter.SvcDesc%;Alps Touch Pad Filter Driver for Windows x64; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2016-10-20 610640]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-07-28 105472]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-07-28 97280]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-07 130048]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 cvusbdrv;@oem6.inf,%cvusbdrv.SvcDesc%;Dell ControlVault; C:\WINDOWS\System32\Drivers\cvusbdrv.sys [2016-08-30 58464]
R3 DDDriver;DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [2017-04-11 32960]
R3 DellProf;DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [2017-04-11 32568]
R3 DellRbtn;@oem63.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2015-05-08 19440]
R3 ibtusb;@oem28.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-05-19 232936]
R3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw64e.sys [2016-09-02 50640]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2017-03-18 3485696]
R3 O2FJ2RDR;O2FJ2RDR; C:\WINDOWS\System32\drivers\O2FJ2x64.sys [2015-05-21 201240]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-08-01 180736]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 AsusVBus;AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [2016-11-03 39704]
S3 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [2016-08-11 152672]
S3 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files (x86)\Bluestacks\BstkDrv.sys [2016-07-28 307768]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-07-28 982016]
S3 dg_ssudbus;@oem57.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 ew_usbccgpfilter;@oem34.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2016-11-25 18816]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 InvProtectDrv;InvProtectDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [2017-03-15 89224]
S3 InvProtectDrvNet;InvProtectDrvNet; \??\C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrvNet64.sys [2017-03-15 33928]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 ksaud;Creative USB Audio Driver; C:\WINDOWS\system32\drivers\ksaud.sys [2016-08-23 1561600]
S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2011-05-17 44480]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2017-06-28 118784]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-03-18 1735584]
S3 SboxDrv;SboxDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [2017-03-15 204424]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

Power Manager Notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [2017-01-17 86048]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-05-18 2246256]
R2 ApHidMonitorService;@oem65.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service; C:\Program Files\DellTPad\HidMonitorSvc.exe [2016-10-20 104744]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [2016-08-11 425496]
R2 CDPUserSvc_71085;Uživatelská služba platformy připojených zařízení_71085; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2016-08-30 1045736]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2016-08-30 39656]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 DDVCollectorSvcApi;Dell Data Vault Service API; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2017-07-27 208760]
R2 DDVDataCollector;Dell Data Vault Collector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2017-07-27 3294584]
R2 DDVRulesProcessor;Dell Data Vault Processor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2017-07-27 217464]
R2 Dell Foundation Services;Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2017-01-11 97616]
R2 DellDigitalDelivery;Dell Digital Delivery Service; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2016-05-02 217976]
R2 DellMgmtAgent;Dell Management Agent Service; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [2014-09-11 255328]
R2 DellMgmtLoader;Dell Security Framework Loader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [2014-09-11 26464]
R2 DellMgmtServer;DELL Security Framework Local Server; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [2014-09-11 33632]
R2 DpHost;Dell Data Protection Security Tools Authentication Service; C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe [2014-03-19 472912]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-02-08 640928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-11-17 19424]
R2 ibtsiva;@oem28.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [2016-10-07 294968]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-08-14 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-08-14 415520]
R2 O2FLASH;O2FLASH; C:\WINDOWS\System32\drivers\o2flash.exe [2015-05-21 82096]
R2 OneSyncSvc_71085;Hostitel synchronizace_71085; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 OpenVPNServiceInteractive;OpenVPN Interactive Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2017-01-31 70272]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe -k HPZ12;"ServiceDll" = C:\Windows\system32\HPZipm12.dll
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-02-08 157088]
R2 SDIOAssist;SDIOAssist; C:\Windows\System32\SDIOAssist.exe [2014-06-18 95744]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-07 336320]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 PimIndexMaintenanceSvc_71085;Data kontaktů_71085; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-18 52920]
S3 BstHdAndroidSvc;BlueStacks Android Service ; C:\Program Files (x86)\Bluestacks\HD-Service.exe [2016-08-11 445976]
S3 BstHdPlusAndroidSvc;BlueStacks Plus Android Service ; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [2016-08-11 462360]
S3 dcpm-notify;Dell Command
S3 Dell.CommandPowerManager.Service;Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe [2017-03-18 21408]
S3 DellProdRegManager;Dell Product Registration Manager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [2014-10-31 278568]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_71085;Tok zařízení_71085; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 InvProtectSvc;Invincea Service; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2017-03-15 5701256]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 LxssManager;@%systemroot%\system32\lxss\LxssManager.dll,-100; %systemroot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\system32\lxss\LxssManager.dll
S3 MessagingService_71085;Služba zasílání zpráv_71085; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-08-18 175568]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-02-08 268192]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 OpenVpnService;OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [2016-11-25 15872]
S3 OpenVPNServiceLegacy;OpenVPN Legacy Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2017-01-31 70272]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SboxSvc;SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [2017-03-15 198792]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Na Scan vygeneroval log, ale pri dvou pokusech o Clean Win okamzite spadly na CRITICAL_PROCESS_DIED.

# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 28 13:21:29 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 08-25-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Program Files (x86)\DriverToolkit
PUP.Optional.Legacy, C:\Users\stoupa101\AppData\Local\DriverToolkit
PUP.Adware.Heuristic, C:\ProgramData\22ba3c36-173b-411e-94f6-9ad4d921c3d1
PUP.Adware.Heuristic, C:\ProgramData\4607dca3-5155-45ef-8156-d50c692c8081
PUP.Adware.Heuristic, C:\ProgramData\cb9d690b-3b5b-4e04-bb12-afa40031d029
PUP.Adware.Heuristic, C:\ProgramData\dd6fbc3d-b288-4d7d-8bd8-47bd0bfad05f


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\Software\DriverToolkit
PUP.Optional.Legacy, [Key] - HKCU\Software\DriverToolkit
PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\Software\csastats
PUP.Optional.InstallCore, [Key] - HKCU\Software\csastats
PUP.Optional.ProductSetup.A, [Key] - HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\Software\PRODUCTSETUP
PUP.Optional.ProductSetup.A, [Key] - HKCU\Software\PRODUCTSETUP


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

SearchProvider found: Slunečnice - slunecnice.cz

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271


*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [3466 B] - [2016/7/12 20:38:10]
C:/AdwCleaner/AdwCleaner[S1].txt - [2353 B] - [2016/7/12 18:6:30]
C:/AdwCleaner/AdwCleaner[S2].txt - [3218 B] - [2016/7/12 18:10:7]
C:/AdwCleaner/AdwCleaner[S3].txt - [2238 B] - [2016/7/12 20:37:22]


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########

To je divné. Zkuste to znovu, ale v nouz. režimu.

V nouzovem rezimu se to povedlo.

# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 29 06:13:00 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\DriverToolkit
Deleted: C:\Users\stoupa101\AppData\Local\DriverToolkit
Deleted: C:\ProgramData\22ba3c36-173b-411e-94f6-9ad4d921c3d1
Deleted: C:\ProgramData\4607dca3-5155-45ef-8156-d50c692c8081
Deleted: C:\ProgramData\cb9d690b-3b5b-4e04-bb12-afa40031d029
Deleted: C:\ProgramData\dd6fbc3d-b288-4d7d-8bd8-47bd0bfad05f


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\Software\DriverToolkit
Deleted: [Key] - HKCU\Software\DriverToolkit
Deleted: [Key] - HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: Slunečnice - slunecnice.cz


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [3466 B] - [2016/7/12 20:38:10]
C:/AdwCleaner/AdwCleaner[S1].txt - [2353 B] - [2016/7/12 18:6:30]
C:/AdwCleaner/AdwCleaner[S2].txt - [3218 B] - [2016/7/12 18:10:7]
C:/AdwCleaner/AdwCleaner[S3].txt - [2238 B] - [2016/7/12 20:37:22]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 ( v normálním režimu).

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by stoupa101 (administrator) on JAGUAR (29-08-2017 21:52:12)
Running from C:\Users\stoupa101\Desktop
Loaded Profiles: stoupa101 (Available Profiles: stoupa101)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(BayHubTech/O2Micro ) C:\Windows\System32\SDIOAssist.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpCardEngine.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Viber Media S.à r.l.) C:\Users\stoupa101\AppData\Local\Viber\Viber.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel® Corporation) C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
(BitTorrent Inc.) C:\Users\stoupa101\AppData\Roaming\uTorrent\utorrent.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Spotify Ltd) C:\Users\stoupa101\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(BitTorrent Inc.) C:\Users\stoupa101\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(BitTorrent Inc.) C:\Users\stoupa101\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(ALTAP) C:\Program Files\Altap Salamander\salamand.exe
(ALTAP) C:\Program Files\Altap Salamander\utils\salmon.exe
(Spotify Ltd) C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe
(Oracle) C:\App\sqldeveloper4_2_0\sqldeveloper\bin\sqldeveloper64W.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sparx Systems Pty Ltd) C:\Program Files (x86)\Sparx Systems\EA\EA.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1706.2231.0_x64__8wekyb3d8bbwe\Time.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Irfan Skiljan) C:\Program Files (x86)\IrfanView\i_view32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CSFTrayApp] => C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe [232288 2014-09-11] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel Corporation)
HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [609200 2015-03-01] (Waves Audio Ltd.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-14] (Intel Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [GoogleChromeAutoLaunch_ADF39C3253FCD0951CADB08AD48F1E6A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1301848 2017-08-23] (Google Inc.)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-23] (Valve Corporation)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [Viber] => C:\Users\stoupa101\AppData\Local\Viber\Viber.exe [30896208 2017-08-22] (Viber Media S.à r.l.)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [uTorrent] => C:\Users\stoupa101\AppData\Roaming\uTorrent\utorrent.exe [2146496 2017-07-01] (BitTorrent Inc.)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1990144 2017-03-21] (ownCloud)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [978456 2016-08-11] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [LINE] => C:\Users\stoupa101\AppData\Local\LINE\bin\LineLauncher.exe [617840 2017-04-13] (LINE Corporation)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [584320 2017-01-31] ()
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [Spotify Web Helper] => C:\Users\stoupa101\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-24] (Spotify Ltd)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\Run: [Spotify] => C:\Users\stoupa101\AppData\Roaming\Spotify\Spotify.exe [15866480 2017-08-24] (Spotify Ltd)
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\RunOnce: [Uninstall 17.3.6963.0807\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stoupa101\AppData\Local\Microsoft\OneDrive\17.3.6963.0807\amd64"
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\...\RunOnce: [Uninstall 17.3.6963.0807] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stoupa101\AppData\Local\Microsoft\OneDrive\17.3.6963.0807"
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\stoupa101\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2015-01-27]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{252f3261-7469-4b62-88d0-78c4b8dda1a2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3cc28684-cf6d-4a33-97c3-e69fa7125ad6}: [DhcpNameServer] 192.168.10.1 81.19.47.242
Tcpip\..\Interfaces\{f4be8427-d92e-496e-ac1c-beec55ecf05f}: [DhcpNameServer] 192.168.10.1

Internet Explorer:
==================
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-1044220912-1926083053-1571816506-1001 -> DefaultScope {E0723127-C7CC-4175-B469-FD7CDC8F3331} URL =
SearchScopes: HKU\S-1-5-21-1044220912-1926083053-1571816506-1001 -> {E0723127-C7CC-4175-B469-FD7CDC8F3331} URL =
BHO: Invincea Web Redirector -> {1C52FA7C-51B7-4621-9D5A-11101BA13134} -> C:\Program Files (x86)\Invincea\Enterprise\X64\InvRedirHostIE64.dll [2017-03-15] (Invincea, Inc.)
BHO-x32: Invincea Web Redirector -> {1C52FA7C-51B7-4621-9D5A-11101BA13134} -> C:\Program Files (x86)\Invincea\Enterprise\InvRedirHostIE.dll [2017-03-15] (Invincea, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-26] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: 4jltx1yr.default
FF ProfilePath: C:\Users\stoupa101\AppData\Roaming\TomTom\HOME\Profiles\qh8s841m.default [2015-08-11]
FF Extension: (Emulator) - C:\Users\stoupa101\AppData\Roaming\TomTom\HOME\Profiles\qh8s841m.default\Extensions\Navcore.9.510.1234792@tomtom.com [2015-08-11] [not signed]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\stoupa101\AppData\Roaming\Mozilla\Firefox\Profiles\4jltx1yr.default [2017-08-29]
FF Extension: (Adblock Plus) - C:\Users\stoupa101\AppData\Roaming\Mozilla\Firefox\Profiles\4jltx1yr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-18]
FF Extension: (Firefox Screenshots) - C:\Users\stoupa101\AppData\Roaming\Mozilla\Firefox\Profiles\4jltx1yr.default\features\{d6508acc-9122-49b6-91d5-f271beb9ddd4}\screenshots@mozilla.org.xpi [2017-08-29]
FF Extension: (Invincea Web Redirector) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\webredirector@invincea.com [2016-11-19] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome
FF Extension: (Dell Data Protection
Security Tools) - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome [2014-12-30] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-03-17] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-1044220912-1926083053-1571816506-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\stoupa101\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-21] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default [2017-08-29]
CHR Extension: (QR kód) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2014-12-30]
CHR Extension: (Prezentace Google) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Lucidchart Diagramy - On-line) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2017-02-26]
CHR Extension: (Disk Google) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (TV) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-12-30]
CHR Extension: (Downloads) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhnfghnbhfjhoiiaoibdhfnfpicfknh [2014-12-30]
CHR Extension: (YouTube) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Star Legends) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\chcaflnbhnoegjedbjaamecefhglfamc [2016-10-12]
CHR Extension: (Vyhledávání Google) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (AutoCAD 360) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln [2014-12-30]
CHR Extension: (Box) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-05-03]
CHR Extension: (Hudba Google Play) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-08-21]
CHR Extension: (Tabulky Google) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (PicMonkey) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2016-06-08]
CHR Extension: (EditThisCookie) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-02-06]
CHR Extension: (Hodiny) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-12-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-08]
CHR Extension: (AdBlock) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-15]
CHR Extension: (Pixlr Editor) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2015-10-09]
CHR Extension: (Dropbox) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-07-07]
CHR Extension: (Stop AutoRefresh) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcldcllmbokpbniijpnkpgoboadbfphb [2014-12-30]
CHR Extension: (Top Eleven) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn [2014-12-30]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2017-07-24]
CHR Extension: (Quick Note) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2015-05-15]
CHR Extension: (Hangouts Google) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-05-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Picasa) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-12-30]
CHR Extension: (Psykopaint) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-03-19]
CHR Extension: (Gmail) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
CHR Profile: C:\Users\stoupa101\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-07-04]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Dell\Dell Data Protection\Security Tools Authentication\Bin\BrowserExt\dpchrome.crx [2014-03-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., Ltd.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-08-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-08-11] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-08-11] (BlueStack Systems, Inc.)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [86048 2017-01-17] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [255328 2014-09-11] (Dell Inc.)
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [26464 2014-09-11] ()
R2 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [33632 2014-09-11] (Dell, Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DpHost; C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe [472912 2014-03-19] (DigitalPersona, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19424 2015-11-17] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356336 2016-10-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [5701256 2017-03-15] (Invincea, Inc.)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-14] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
R2 O2FLASH; C:\WINDOWS\System32\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International)
S3 OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [70272 2017-01-31] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [70272 2017-01-31] (The OpenVPN Project)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [299776 2015-05-27] (Realtek Semiconductor)
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [198792 2017-03-15] (Invincea, Inc.)
R2 SDIOAssist; C:\Windows\System32\SDIOAssist.exe [95744 2014-06-18] (BayHubTech/O2Micro ) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S2 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-08-04] (Dell Inc.)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 wampapache64; c:\wamp\bin\apache\apache2.4.18\bin\httpd.exe [29696 2015-12-09] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.29\bin\mysqld.exe [13077504 2016-01-15] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)
S3 Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe /Processid:{60984029-F9C4-4CEF-B1A1-81A10575059A}
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2016-11-03] (Windows (R) Win 7 DDK provider)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-08-11] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [307768 2016-07-28] (Bluestack System Inc. )
R0 CredFltL; C:\WINDOWS\System32\DRIVERS\CredFltL.sys [37120 2014-09-11] ()
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [547840 2015-09-12] (Intel Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [232936 2017-05-19] (Intel Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTDVHD64.sys [2540800 2015-05-27] (Realtek Semiconductor Corp.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [89224 2017-03-15] (Invincea, Inc.)
S3 InvProtectDrvNet; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrvNet64.sys [33928 2017-03-15] (Invincea, Inc.)
S3 ksaud; C:\WINDOWS\system32\drivers\ksaud.sys [1561600 2016-08-23] (Creative Technology Ltd.)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R1 MpKsl088f5598; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F3393453-A8C2-47FE-88D6-D88BADB607B7}\MpKsl088f5598.sys [44928 2017-08-29] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 O2FJ2RDR; C:\WINDOWS\System32\drivers\O2FJ2x64.sys [201240 2015-05-21] (BayHubTech/O2Micro )
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [204424 2017-03-15] (Invincea, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 SEDFilter; C:\WINDOWS\System32\DRIVERS\SEDFilter.sys [61184 2014-09-11] (Dell Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics)
R3 wbfcvusbdrv; C:\WINDOWS\System32\Drivers\wbfcvusbdrv.sys [20064 2016-08-30] (Broadcom Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-05-23] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-29 21:49 - 2017-08-29 21:49 - 000112640 _____ (forum.viry.cz) C:\Users\stoupa101\Downloads\Nepotvrzeno 431157.crdownload
2017-08-29 21:47 - 2017-08-29 21:47 - 002395648 _____ (Farbar) C:\Users\stoupa101\Desktop\FRST64.exe
2017-08-29 08:18 - 2017-08-29 08:18 - 000000000 ____D C:\Users\stoupa101\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-08-28 15:23 - 2017-08-29 08:18 - 000000000 ____D C:\Users\stoupa101\AppData\LocalLow\uTorrent
2017-08-28 15:22 - 2017-08-28 15:22 - 000376828 _____ C:\WINDOWS\Minidump\082817-4890-01.dmp
2017-08-28 15:18 - 2017-08-28 15:22 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-28 15:18 - 2017-08-28 15:18 - 000381180 _____ C:\WINDOWS\Minidump\082817-5015-01.dmp
2017-08-28 15:14 - 2017-08-28 15:14 - 008185288 _____ (Malwarebytes) C:\Users\stoupa101\Desktop\adwcleaner_7.0.1.0.exe
2017-08-27 14:47 - 2017-08-27 14:48 - 000000000 ____D C:\Users\stoupa101\AppData\Local\Viber
2017-08-25 17:23 - 2017-08-25 17:24 - 001329152 _____ C:\Users\stoupa101\Downloads\RSITx64.exe
2017-08-24 16:38 - 2017-08-29 16:08 - 000000000 ____D C:\Users\stoupa101\AppData\Local\Spotify
2017-08-24 16:38 - 2017-08-24 16:38 - 000001910 _____ C:\Users\stoupa101\Desktop\Spotify.lnk
2017-08-24 16:38 - 2017-08-24 16:38 - 000001896 _____ C:\Users\stoupa101\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-08-24 16:36 - 2017-08-29 20:45 - 000000000 ____D C:\Users\stoupa101\AppData\Roaming\Spotify
2017-08-24 14:34 - 2017-08-24 14:34 - 000022631 _____ C:\Users\stoupa101\Downloads\změna_čerpání.pdf
2017-08-24 11:59 - 2017-08-24 11:59 - 000676560 _____ (Spotify Ltd) C:\Users\stoupa101\Downloads\SpotifySetup.exe
2017-08-17 12:05 - 2017-08-17 12:05 - 000002669 _____ C:\Users\stoupa101\Downloads\detail_stavu_čerpání (4).csv
2017-08-17 12:04 - 2017-08-17 12:04 - 000001145 _____ C:\Users\stoupa101\Downloads\report_čerpání_rozpočtu.csv
2017-08-17 12:03 - 2017-08-17 12:03 - 000005372 _____ C:\Users\stoupa101\Downloads\detail_stavu_čerpání.htm
2017-08-17 12:03 - 2017-08-17 12:03 - 000005372 _____ C:\Users\stoupa101\Downloads\detail_stavu_čerpání (1).htm
2017-08-17 12:02 - 2017-08-17 12:02 - 000002669 _____ C:\Users\stoupa101\Downloads\detail_stavu_čerpání (3).csv
2017-08-17 12:01 - 2017-08-17 12:01 - 000008409 _____ C:\Users\stoupa101\Downloads\detail_stavu_čerpání (2).csv
2017-08-17 11:53 - 2017-08-17 11:53 - 000002669 _____ C:\Users\stoupa101\Downloads\detail_stavu_čerpání (1).csv
2017-08-17 11:43 - 2017-08-17 11:43 - 000002669 _____ C:\Users\stoupa101\Downloads\detail_stavu_čerpání.csv
2017-08-15 14:52 - 2017-08-15 14:52 - 000000000 ____D C:\WINDOWS\Panther
2017-08-14 14:50 - 2017-08-14 14:51 - 000055298 _____ C:\Users\stoupa101\Downloads\test.json
2017-08-09 16:03 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-09 16:03 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-09 16:03 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-09 16:03 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-09 16:03 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-09 16:03 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-09 16:03 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-09 16:03 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-09 16:03 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-09 16:03 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-09 16:03 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-09 16:03 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-09 16:03 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-09 16:03 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-09 16:03 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-09 16:03 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-09 16:03 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-09 16:03 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-09 16:03 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-09 16:03 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-09 16:03 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-09 16:03 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-09 16:03 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-09 16:03 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-09 16:03 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-09 16:03 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-09 16:03 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-09 16:03 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-09 16:03 - 2017-08-01 04:25 - 000865696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxcore.sys
2017-08-09 16:03 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-09 16:03 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-09 16:03 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-09 16:03 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-09 16:03 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-09 16:03 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-09 16:03 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-09 16:03 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-09 16:03 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-09 16:03 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-09 16:03 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-09 16:03 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-09 16:03 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-09 16:03 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-09 16:03 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-09 16:03 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-09 16:03 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-09 16:03 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-09 16:03 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-09 16:03 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-09 16:03 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-09 16:03 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-09 16:03 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-09 16:03 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-09 16:03 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-09 16:03 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-09 16:03 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-09 16:03 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-09 16:03 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-09 16:03 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-09 16:03 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-09 16:03 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-09 16:03 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2017-08-09 16:03 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-09 16:03 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-09 16:03 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-09 16:03 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-09 16:03 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-09 16:03 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-09 16:03 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-09 16:03 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-09 16:03 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-09 16:03 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-09 16:03 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-09 16:03 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-09 16:03 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-09 16:03 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-09 16:03 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-09 16:03 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-09 16:03 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-09 16:03 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-09 16:03 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-09 16:03 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-09 16:03 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-09 16:03 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-09 16:03 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-09 16:03 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-09 16:03 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-09 16:03 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-09 16:03 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-09 16:03 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-09 16:03 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-09 16:03 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-09 16:03 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-09 16:03 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-09 16:03 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-09 16:03 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-09 16:03 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-09 16:03 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-08 14:59 - 2017-08-08 15:00 - 016145928 _____ (Intel(R) Corporation) C:\Users\stoupa101\Downloads\BT_19.71.0_64_Win10.exe
2017-08-08 14:53 - 2017-08-08 14:53 - 000000000 ____D C:\WINDOWS\SysWOW64\SDA
2017-08-08 13:07 - 2017-08-08 13:07 - 000000085 _____ C:\Users\stoupa101\.gitconfig
2017-08-08 13:06 - 2017-08-08 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit
2017-08-08 13:06 - 2017-08-08 13:06 - 004124672 _____ C:\Users\stoupa101\Downloads\TortoiseGit-LanguagePack-2.5.0.0-64bit-cs.msi
2017-08-08 13:04 - 2017-08-08 13:05 - 017412096 _____ C:\Users\stoupa101\Downloads\TortoiseGit-2.5.0.0-64bit.msi
2017-08-07 21:17 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-07 21:17 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-07 21:17 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-07 21:17 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-07 21:17 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-07 21:17 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-07 21:17 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-07 21:17 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-07 21:17 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-07 21:17 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-07 21:17 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-07 21:17 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-07 21:17 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-07 21:17 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-07 21:17 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-07 21:17 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-07 21:17 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-07 21:17 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-07 21:17 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-07 21:17 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-07 21:17 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-07 21:17 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-07 21:17 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-07 21:17 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-07 21:17 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-07 21:17 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-07 21:17 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-07 21:17 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-07 21:17 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-07 21:17 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-07 21:17 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-07 21:17 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-07 21:17 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-07 21:17 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-07 21:17 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-07 21:17 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-07 21:17 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-07 21:17 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-07 21:17 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-07 21:17 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-07 21:17 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-07 21:17 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-07 21:17 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-07 21:17 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-07 21:17 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-07 21:17 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-07 21:17 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-07 21:17 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-07 21:17 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-07 21:17 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-07 21:17 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-07 21:17 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-07 21:17 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-07 21:17 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-07 21:17 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-07 21:17 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-07 21:17 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-07 21:17 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-07 21:17 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-07 21:17 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-07 21:17 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-07 21:17 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-07 21:17 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-07 21:17 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-07 21:17 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-07 21:17 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-07 21:17 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-07 21:17 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-07 21:17 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-07 21:17 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-07 21:17 - 2017-07-28 06:18 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-08-07 21:17 - 2017-07-28 06:18 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-08-07 21:17 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-07 21:17 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-07 21:17 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-07 21:17 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-07 21:17 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-07 21:17 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-07 21:17 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-07 21:17 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-07 21:17 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-07 21:17 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-07 21:17 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-07 21:17 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-07 21:17 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-07 21:17 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-07 21:17 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-07 21:17 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-07 21:17 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-07 21:17 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-07 21:17 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-07 21:17 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-07 21:17 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-07 21:17 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-07 21:17 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-07 21:17 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-07 21:17 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-07 21:17 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-07 21:17 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-07 21:17 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-07 21:17 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-07 21:17 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-07 21:17 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-07 21:17 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-07 21:17 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-07 21:17 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-07 21:17 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-07 21:17 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-07 21:17 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-07 21:17 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-07 21:17 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-07 21:17 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-07 21:17 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-07 21:17 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-07 21:17 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-07 21:17 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-07 21:17 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-07 21:17 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-07 21:17 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-07 21:17 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-07 21:17 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-07 21:17 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-07 21:17 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-07 21:16 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-07 21:16 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-07 21:16 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-07 21:16 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-07 21:16 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-07 21:16 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-07 21:16 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-07 21:16 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-07 21:16 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-07 21:16 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-07 21:16 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-07 21:16 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-07 21:16 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-07 21:16 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-07 21:16 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-07 21:16 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-07 21:16 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-07 21:16 - 2017-07-28 06:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-08-07 21:16 - 2017-07-28 06:25 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-08-07 21:16 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-07 21:16 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-07 21:16 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-07 21:16 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-07 21:16 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-07 21:16 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-07 21:16 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-07 21:16 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-07 21:16 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-07 21:16 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-07 21:16 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-07 21:16 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-07 21:16 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-07 21:16 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-07 21:16 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-07 21:16 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-07 21:16 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-07 21:16 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-07 21:16 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-07 21:16 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-07 21:16 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-07 21:16 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-07 21:16 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-07 21:16 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-07 21:16 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-07 21:16 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-07 21:16 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-07 21:16 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-07 21:16 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-07 21:16 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-07 21:16 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-07 21:16 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-07 21:16 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-07 21:16 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-07 21:16 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-07 21:16 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-07 21:16 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-07 21:16 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-07 21:16 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-07 21:16 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-07 21:16 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-07 21:16 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-07 21:16 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-07 21:16 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-07 21:16 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-07 21:16 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-07 21:16 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-04 09:40 - 2017-08-04 09:40 - 000009258 _____ C:\Users\stoupa101\Downloads\VPNBook.com-OpenVPN-Euro1.zip
2017-08-04 09:36 - 2017-08-04 09:36 - 005974344 _____ (eVenture Limited ) C:\Users\stoupa101\Downloads\Hide.me-Setup-1.2.14.exe
2017-08-04 09:30 - 2017-08-04 09:31 - 029903688 _____ (TunnelBear) C:\Users\stoupa101\Downloads\TunnelBear-Installer.exe
2017-08-03 09:38 - 2017-08-03 09:38 - 016873885 _____ C:\Users\stoupa101\Downloads\f1300001.sql
2017-08-02 13:51 - 2017-08-02 13:51 - 000009317 _____ C:\Users\stoupa101\Downloads\f1300001_page_1300.sql
2017-08-02 13:50 - 2017-08-02 13:50 - 000009338 _____ C:\Users\stoupa101\Downloads\f1300001_page_1800.sql
2017-08-02 13:48 - 2017-08-02 13:48 - 000009016 _____ C:\Users\stoupa101\Downloads\f1300001_page_1.sql
2017-08-02 13:48 - 2017-08-02 13:48 - 000002010 _____ C:\Users\stoupa101\Downloads\f1300001_page_1500.sql
2017-08-02 13:27 - 2017-08-02 13:27 - 000021289 _____ C:\Users\stoupa101\Downloads\virtualizace-servery-2017.odg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-29 21:52 - 2016-07-14 09:08 - 000034360 _____ C:\Users\stoupa101\Desktop\FRST.txt
2017-08-29 21:52 - 2016-07-14 09:06 - 000000000 ____D C:\FRST
2017-08-29 21:50 - 2015-09-17 12:34 - 000000000 ____D C:\Users\stoupa101\AppData\Roaming\uTorrent
2017-08-29 21:35 - 2017-06-28 07:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-29 19:41 - 2016-11-22 21:36 - 000000000 ____D C:\Users\stoupa101\AppData\LocalLow\Mozilla
2017-08-29 19:41 - 2016-11-19 18:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-29 19:41 - 2014-12-30 15:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-29 19:05 - 2015-08-26 14:36 - 000000000 ____D C:\Users\stoupa101\Documents\ViberDownloads
2017-08-29 18:20 - 2014-12-30 15:33 - 000131072 ___SH C:\CredSED.dat
2017-08-29 17:14 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-29 17:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-29 16:54 - 2016-07-31 21:15 - 000000000 ____D C:\Users\stoupa101\Downloads\_WATCH
2017-08-29 16:54 - 2016-03-07 10:35 - 000000000 ____D C:\Users\stoupa101\Downloads\_RDY
2017-08-29 13:08 - 2017-07-18 18:44 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1044220912-1926083053-1571816506-1001
2017-08-29 13:08 - 2015-07-29 13:21 - 000002443 _____ C:\Users\stoupa101\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-29 13:08 - 2014-12-30 09:01 - 000000000 __RDO C:\Users\stoupa101\OneDrive
2017-08-29 12:13 - 2014-12-31 15:38 - 000000600 _____ C:\Users\stoupa101\AppData\Roaming\winscp.rnd
2017-08-29 11:37 - 2014-12-31 09:18 - 000000000 ____D C:\NIX
2017-08-29 11:18 - 2015-08-10 22:43 - 000000728 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-08-29 10:39 - 2016-10-03 17:08 - 000000000 ____D C:\Users\stoupa101\Downloads\_RDY(no_tit)
2017-08-29 08:31 - 2017-06-28 07:51 - 003329058 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-29 08:31 - 2017-03-20 06:43 - 001517446 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-29 08:31 - 2017-03-20 06:43 - 000392306 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-29 08:18 - 2017-06-28 07:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-08-29 08:18 - 2015-08-26 14:36 - 000000000 ____D C:\Users\stoupa101\AppData\Roaming\ViberPC
2017-08-29 08:18 - 2015-01-29 13:20 - 000000000 __SHD C:\Users\stoupa101\IntelGraphicsProfiles
2017-08-29 08:17 - 2017-06-28 07:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-29 08:13 - 2017-03-18 13:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-08-29 08:12 - 2016-07-12 20:05 - 000000000 ____D C:\AdwCleaner
2017-08-29 08:11 - 2017-06-28 07:50 - 000349560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-29 08:11 - 2016-07-12 22:36 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-08-29 08:11 - 2014-12-31 12:16 - 000000000 ____D C:\Users\stoupa101\AppData\Local\TSVNCache
2017-08-29 08:03 - 2017-06-28 07:51 - 000000000 ____D C:\Users\stoupa101
2017-08-28 22:58 - 2014-12-30 15:13 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 15:18 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-28 09:28 - 2014-12-30 21:46 - 000000000 ____D C:\Data
2017-08-27 16:07 - 2016-10-26 21:55 - 000006656 _____ C:\Users\stoupa101\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-27 11:49 - 2016-08-11 12:59 - 000000000 __SHD C:\Users\stoupa101\AppData\Local\lxss
2017-08-25 22:46 - 2016-06-14 13:58 - 000000000 ____D C:\Users\stoupa101\Downloads\_JINE TITULKY
2017-08-25 17:26 - 2016-07-11 17:39 - 000000000 ____D C:\Program Files\trend micro
2017-08-23 19:26 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
2017-08-23 08:18 - 2017-07-18 20:14 - 000000000 ____D C:\Users\stoupa101\AppData\Local\ElevatedDiagnostics
2017-08-21 19:18 - 2016-11-22 14:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-08-21 13:45 - 2016-05-02 08:45 - 000000000 ____D C:\Users\stoupa101\Downloads\_STAHNOUT ZNOVU
2017-08-21 11:30 - 2015-12-29 22:58 - 000000000 ____D C:\tmp
2017-08-19 15:39 - 2014-12-30 15:26 - 000000000 ____D C:\Film
2017-08-19 09:30 - 2014-12-30 15:18 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-15 18:48 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-14 07:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-13 20:52 - 2017-06-28 07:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\Dell
2017-08-13 20:50 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-09 16:07 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-09 16:06 - 2014-12-31 17:53 - 000004149 _____ C:\Users\stoupa101\.bash_history
2017-08-09 16:06 - 2014-12-31 09:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 16:04 - 2014-12-31 09:43 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-08 23:04 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-08 23:04 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-08 16:42 - 2014-12-30 08:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-08 16:40 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-08 16:40 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-08 16:40 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-08 16:40 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-08 16:40 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-08 16:40 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-08 16:40 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-08 16:40 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-08 16:30 - 2015-07-23 09:51 - 000007678 _____ C:\Users\stoupa101\AppData\Local\Resmon.ResmonCfg
2017-08-08 15:52 - 2017-06-29 17:18 - 000000000 ____D C:\Users\stoupa101\AppData\Local\Facebook
2017-08-08 15:52 - 2015-11-09 10:10 - 000000000 ____D C:\Program Files (x86)\WinStrom
2017-08-08 15:51 - 2016-09-02 11:33 - 000000000 ____D C:\Users\stoupa101\AppData\Roaming\Opera Software
2017-08-08 15:51 - 2016-09-02 11:33 - 000000000 ____D C:\Users\stoupa101\AppData\Local\Opera Software
2017-08-08 15:51 - 2016-09-02 11:32 - 000000000 ____D C:\Program Files (x86)\Opera
2017-08-08 14:53 - 2017-01-21 17:11 - 000000000 ____D C:\WINDOWS\system32\o2fj2
2017-08-02 14:12 - 2017-07-26 12:18 - 000000000 ____D C:\Users\stoupa101\AppData\Roaming\CDisplayEx
2017-08-01 09:13 - 2017-05-23 12:54 - 000000000 ____D C:\Users\stoupa101\AppData\Local\Nox
2017-08-01 08:20 - 2017-05-23 12:56 - 000000000 ____D C:\Users\stoupa101\vmlogs
2017-08-01 08:20 - 2017-05-23 12:54 - 000000000 ____D C:\Users\stoupa101\.BigNox
2017-08-01 08:20 - 2017-03-14 19:51 - 000000000 ____D C:\Users\stoupa101\.android
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-12-31 15:38 - 2017-08-29 12:13 - 000000600 _____ () C:\Users\stoupa101\AppData\Roaming\winscp.rnd
2016-10-26 21:55 - 2017-08-27 16:07 - 000006656 _____ () C:\Users\stoupa101\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-30 16:58 - 2016-11-28 19:55 - 000000600 _____ () C:\Users\stoupa101\AppData\Local\PUTTY.RND
2015-07-23 09:51 - 2017-08-08 16:30 - 000007678 _____ () C:\Users\stoupa101\AppData\Local\Resmon.ResmonCfg
2015-12-17 07:41 - 2009-11-17 16:54 - 000002844 _____ () C:\ProgramData\CfSB1240.ini
2015-12-17 07:41 - 2013-03-26 13:54 - 000002844 _____ () C:\ProgramData\CfSB1240A.ini

Some files in TEMP:
====================
2012-09-21 07:49 - 2011-05-19 23:57 - 000086016 _____ () C:\Users\stoupa101\AppData\Local\Temp\CPU-V.dll
2017-08-08 13:06 - 2017-08-08 13:06 - 000123056 _____ (https://tortoisegit.org/) C:\Users\stoupa101\AppData\Local\Temp\REx2545.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-29 08:51

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1044220912-1926083053-1571816506-1001 -> DefaultScope {E0723127-C7CC-4175-B469-FD7CDC8F3331} URL =
SearchScopes: HKU\S-1-5-21-1044220912-1926083053-1571816506-1001 -> {E0723127-C7CC-4175-B469-FD7CDC8F3331} URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\stoupa101\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\stoupa101\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by stoupa101 (29-08-2017 22:59:09) Run:2
Running from C:\Users\stoupa101\Desktop
Loaded Profiles: stoupa101 (Available Profiles: stoupa101)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
GroupPolicy: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1044220912-1926083053-1571816506-1001 -> DefaultScope {E0723127-C7CC-4175-B469-FD7CDC8F3331} URL =
SearchScopes: HKU\S-1-5-21-1044220912-1926083053-1571816506-1001 -> {E0723127-C7CC-4175-B469-FD7CDC8F3331} URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\stoupa101\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\stoupa101\AppData\Local\Temp

EmptyTemp:
End
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1044220912-1926083053-1571816506-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E0723127-C7CC-4175-B469-FD7CDC8F3331} => key removed successfully
HKLM\Software\Classes\CLSID\{E0723127-C7CC-4175-B469-FD7CDC8F3331} => key not found.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\stoupa101\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\stoupa101\AppData\Local\Temp" folder move:

Could not move "C:\Users\stoupa101\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12945563 B
Java, Flash, Steam htmlcache => 234833840 B
Windows/system/drivers => 17975331 B
Edge => 200161 B
Chrome => 314546779 B
Firefox => 59158677 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 155042 B
stoupa101 => 223210388 B

RecycleBin => 0 B
EmptyTemp: => 830.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-08-2017 23:00:49)

C:\Users\stoupa101\AppData\Local\Temp => moved successfully

==== End of Fixlog 23:00:49 ====

Smazáno, log by již měl být OK.

Dekuji.

Nemáte zač!