﻿Logfile of random's system information tool 1.10 (written by random/random)
Run by nimrod at 2017-03-27 12:44:22
Microsoft Windows 10 Home 
System drive C: has 571 GB (61%) free of 937 GB
Total RAM: 3288 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:44:33, on 27. 3. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Users\nimrod\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Users\nimrod\AppData\Local\Google\Chrome\User Data\SwReporter\17.97.3\software_reporter_tool.exe
C:\Users\nimrod\AppData\Local\Google\Chrome\User Data\SwReporter\17.97.3\software_reporter_tool.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\nimrod.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=
O1 - Hosts: 127.0.0.2 wp-dev
O1 - Hosts: 127.0.0.3 utilities
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=av
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\nimrod\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_D666053EBBCBECDDF302E5B8C0D21F88] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: Developer Tools Service (DeveloperToolsService) - Unknown owner - C:\WINDOWS\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: wampapache64 - Apache Software Foundation - c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
O23 - Service: wampmysqld64 - Unknown owner - c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11720 bytes

======Listing Processes======




c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-b93d-bf3a641c1508 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16



C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ea237fc6-2ceb-4a70-ae95-920235471e17 -SystemEventPortName:HostProcess-ebaec6a2-e6e6-4f04-b9e6-31993da74f0a -IoCancelEventPortName:HostProcess-11346d84-9bec-4411-bc1b-000dcf473853 -NonStateChangingEventPortName:HostProcess-542a07b8-0fd3-46b4-96cd-a39d6ce70026 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b41ed6e9-8b9a-44a8-97ac-49f67c29043d -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\system32\DbxSvc.exe
"C:\Program Files (x86)\AVG\Av\avgwdsvca.exe"

C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"

C:\WINDOWS\system32\svchost.exe -k SshBrokerGroup
dashost.exe {73bb7461-dba2-4f46-a27e5485d2e10291}
C:\WINDOWS\system32\svchost.exe -k SshProxyGroup
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe" -k runservice
c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe wampmysqld64
C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe -d C:/wamp64/bin/apache/apache2.4.23

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"

atieclxx
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:3384
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.7.1.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe" -ServerName:App.AppXqx982emnayc5vbja1mrpk9zh4r774nd8.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\nimrod\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\nimrod\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\nimrod\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=56.0.2924.87 --initial-client-data=0x1c0,0x1c4,0x1c8,0x1bc,0x1cc,0x7ff9118b1160,0x7ff9118b1140,0x7ff9118b1118
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1716 --on-initialized-event-handle=584 --parent-handle=592 /prefetch:6
"C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled2/InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,20,23,26,40,71 --gpu-vendor-id=0x1002 --gpu-device-id=0x9851 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=21.19.137.1 --gpu-driver-date=9-16-2016 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x6664 --service-request-channel-token=213630AC804FEDB59480D72529A114E6 --mojo-platform-channel-handle=1288 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --primordial-pipe-token=8835FC886608D9176E6E56E9FD0F207E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=8835FC886608D9176E6E56E9FD0F207E --renderer-client-id=9 --mojo-platform-channel-handle=2308 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --primordial-pipe-token=620B934D6827088353458DF475791C2C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=620B934D6827088353458DF475791C2C --renderer-client-id=10 --mojo-platform-channel-handle=2356 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --primordial-pipe-token=3AF3078617F0444150743A1DE52F9BA9 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=3AF3078617F0444150743A1DE52F9BA9 --renderer-client-id=4 --mojo-platform-channel-handle=3464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --primordial-pipe-token=AFB0AED394129EA01DD9E57674864822 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=AFB0AED394129EA01DD9E57674864822 --renderer-client-id=5 --mojo-platform-channel-handle=3600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --primordial-pipe-token=EE565B7390935897AD25C48F051FFAC1 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=EE565B7390935897AD25C48F051FFAC1 --renderer-client-id=6 --mojo-platform-channel-handle=3620 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --primordial-pipe-token=E240C9FAA0F4EB9C05FE664530885458 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=E240C9FAA0F4EB9C05FE664530885458 --renderer-client-id=7 --mojo-platform-channel-handle=3640 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --primordial-pipe-token=80208DE8EA9274F50627D2258B0F6678 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=80208DE8EA9274F50627D2258B0F6678 --renderer-client-id=8 --mojo-platform-channel-handle=3644 /prefetch:1
 /TRAYONLY
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:eda222e9-1ee6-4a25-b264-2a97319455d1 -target-handle:432 -target-shutdown-event:164 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload
"C:\Users\nimrod\AppData\Local\Google\Chrome\User Data\SwReporter\17.97.3\software_reporter_tool.exe" --session-id=7XqP2U03RpjL93QcSe2glxdkH0wBvXEeiA277s4a
"C:\Users\nimrod\AppData\Local\Google\Chrome\User Data\SwReporter\17.97.3\software_reporter_tool.exe" --crash-handler "--database=c:\users\nimrod\appdata\local\Google\Software Reporter Tool" --url=https://clients2.google.com/cr/report --annotation=plat=Win32 --annotation=prod=ChromeFoil --annotation=ver=17.97.3 --initial-client-data=0x200,0x204,0x208,0x1fc,0x20c,0x50f224,0x50f234,0x50f244
 /fmw.trayonly
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"fontdrvhost.exe"
C:\Windows\system32\msfeedssync.exe sync
taskhostw.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\compattelrunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\devicecensus.exe
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:o12/fPihBEmdAgxs.1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe"
"C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /cr
ctfmon.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/*EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/*WebFontsInterventionV2/Default/ --primordial-pipe-token=FD8685B07532AF89F4C9674774634473 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=FD8685B07532AF89F4C9674774634473 --renderer-client-id=18 --mojo-platform-channel-handle=7304 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PersistentHistograms<PersistentHistograms,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,*PrioritySupportedRequestsDelayable<NetDelayableH2AndQuicRequests,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,MetricsReporting<MetricsAndCrashSampling,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/ScoringParamTuning/*ClientSideDetectionModel/Model0/*DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisableFirstRunAutoImport/AutoImportDisabled/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/*EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled2/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/OutOfReportingSample/*NetDelayableH2AndQuicRequests/Default/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/Default/PluginPowerSaverTiny/Enabled2/*QUIC/Enabled5MinTimeoutOctober/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SaveAsMenuText/default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled2/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingLaunched/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_41/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_19/*UMA-Uniformity-Trial-50-Percent/default/*WebFontsInterventionV2/Default/ --primordial-pipe-token=3EE6CBDAC266D9537CDADBE3082F3E5A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=3EE6CBDAC266D9537CDADBE3082F3E5A --renderer-client-id=19 --mojo-platform-channel-handle=4208 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe36_ Global\UsGthrCtrlFltPipeMssGthrPipe36 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 616 620 628 8192 624 
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x33c
"C:\Users\nimrod\Desktop\RSITx64.exe" 
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe  /NOUACCHECK 
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe  /c 
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe  /ua /installsource scheduler 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-12-13 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-20 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-20 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22 857792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-12-13 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-31 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 1743664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-31 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22 755392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21 13672304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\nimrod\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-02-17 1518304]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-03-03 9364696]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-11-30 23818360]
"GoogleChromeAutoLaunch_D666053EBBCBECDDF302E5B8C0D21F88"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-02-01 1116504]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-12-06 240400]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-08-09 71440]
"AVG_UI"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-12-06 240400]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-03-21 28065728]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.ZMBV"=zmbv.dll
"vidc.XVID"=xvidvfw.dll
"vidc.x264"=x264vfw64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.inf - open - "C:\Program Files\Notepad++\notepad++.exe" "%1"
.inf - install - 
.ini - open - "C:\Program Files\Notepad++\notepad++.exe" "%1"
.js - edit - 
.js - open - "C:\Program Files\Notepad++\notepad++.exe" "%1"

======List of files/folders created in the last 3 months======

2017-03-27 12:44:23 ----D---- C:\Program Files\trend micro
2017-03-27 12:44:22 ----D---- C:\rsit
2017-03-27 12:36:53 ----HD---- C:\OneDriveTemp
2017-03-27 12:35:28 ----D---- C:\WINDOWS\system32\ŔÄ'Z9
2017-03-26 19:29:22 ----D---- C:\WINDOWS\system32\@Ę÷˙+
2017-03-26 18:43:06 ----D---- C:\WINDOWS\system32\ĐŞ_§X
2017-03-26 11:10:07 ----D---- C:\WINDOWS\system32\€Ĺ·ńŹ
2017-03-26 10:44:24 ----D---- C:\WINDOWS\system32\đĘ78É
2017-03-26 08:43:12 ----D---- C:\WINDOWS\system32\đĹ
2017-03-25 23:50:10 ----D---- C:\WINDOWS\system32\ŔĹĎ™
2017-03-25 17:08:13 ----D---- C:\WINDOWS\system32\PËwVD
2017-03-25 17:08:13 ----D---- C:\WINDOWS\system32\°«_VD
2017-03-25 16:02:54 ----D---- C:\WINDOWS\system32\Ŕ­÷+N
2017-03-25 16:02:54 ----D---- C:\WINDOWS\system32\pĆ˙+N
2017-03-24 22:30:35 ----D---- C:\WINDOWS\system32\ Ä‡ÜÜ
2017-03-24 18:13:04 ----D---- C:\WINDOWS\system32\¸§ŘN
2017-03-24 18:13:04 ----D---- C:\WINDOWS\system32\€°ŹŘN
2017-03-24 18:13:04 ----D---- C:\WINDOWS\system32\@ÇŘN
2017-03-24 12:56:50 ----D---- C:\WINDOWS\system32\ŕÉç$Ż
2017-03-24 01:51:23 ----D---- C:\WINDOWS\system32\0Č‡š7
2017-03-23 14:03:19 ----D---- C:\WINDOWS\system32\@­ź­Â
2017-03-23 14:03:19 ----D---- C:\WINDOWS\system32\ Ĺ§­Â
2017-03-23 12:11:52 ----D---- C:\WINDOWS\system32\đĆwą
2017-03-23 03:48:22 ----D---- C:\WINDOWS\system32\ĐĹ—ó´
2017-03-22 21:46:01 ----D---- C:\WINDOWS\system32\€­wüÝ
2017-03-22 12:11:51 ----D---- C:\WINDOWS\system32\PÉńŤ
2017-03-22 02:42:25 ----D---- C:\WINDOWS\system32\ ĹR`
2017-03-21 16:55:04 ----D---- C:\WINDOWS\system32\đÇÇ…–
2017-03-21 14:05:31 ----D---- C:\WINDOWS\system32\Pşoť$
2017-03-21 14:05:31 ----D---- C:\WINDOWS\system32\pËWť$
2017-03-21 13:32:03 ----D---- C:\WINDOWS\system32\ÄG™Ĺ
2017-03-21 11:42:10 ----D---- C:\WINDOWS\system32\P®OŘ)
2017-03-21 11:42:10 ----D---- C:\WINDOWS\system32\ Ę_Ř)
2017-03-21 10:24:43 ----D---- C:\WINDOWS\system32\ ËçJt
2017-03-21 02:10:48 ----D---- C:\WINDOWS\system32\ĆOhá
2017-03-20 13:31:22 ----D---- C:\WINDOWS\system32\ŔĹgLš
2017-03-20 10:27:20 ----D---- C:\WINDOWS\system32\đÇďüb
2017-03-20 02:25:15 ----D---- C:\WINDOWS\system32\ŕČ÷Bm
2017-03-19 17:53:16 ----D---- C:\WINDOWS\system32\€˛§Şŕ
2017-03-19 17:53:15 ----D---- C:\WINDOWS\system32\PÇĎŞŕ
2017-03-19 17:53:15 ----D---- C:\WINDOWS\system32\đ¶×Şŕ
2017-03-19 17:33:46 ----D---- C:\WINDOWS\system32\@Ë˙Ś•
2017-03-19 14:24:12 ----D---- C:\WINDOWS\system32\ ÄO‹E
2017-03-19 14:11:08 ----D---- C:\WINDOWS\system32\ ĘĎź
2017-03-19 13:26:01 ----D---- C:\WINDOWS\system32\ŕÉ˙Gd
2017-03-19 13:26:01 ----D---- C:\WINDOWS\system32\­ßGd
2017-03-19 10:13:52 ----D---- C:\WINDOWS\system32\0®‡”í
2017-03-19 10:13:48 ----D---- C:\WINDOWS\system32\đČ§”í
2017-03-19 09:12:49 ----D---- C:\WINDOWS\system32\@Čß$Á
2017-03-19 09:03:03 ----D---- C:\WINDOWS\system32\ Ç`,
2017-03-18 19:45:17 ----D---- C:\WINDOWS\system32\ĐĆç&&
2017-03-18 19:45:17 ----D---- C:\WINDOWS\system32\±Ç&&
2017-03-18 16:27:38 ----D---- C:\WINDOWS\system32\ ČWĘ•
2017-03-18 13:45:30 ----D---- C:\WINDOWS\system32\ŔÇWs»
2017-03-18 13:45:30 ----D---- C:\WINDOWS\system32\€«7s»
2017-03-18 09:22:31 ----D---- C:\WINDOWS\system32\ Č×¦’
2017-03-17 22:17:11 ----D---- C:\WINDOWS\system32\°Ä
2017-03-17 21:35:26 ----D---- C:\WINDOWS\system32\­O¬
2017-03-17 21:35:24 ----D---- C:\WINDOWS\system32\ŕĘw¬
2017-03-17 20:53:55 ----D---- C:\WINDOWS\system32\`ÉgźI
2017-03-17 19:52:42 ----D---- C:\WINDOWS\system32\°µż.8
2017-03-17 19:52:41 ----D---- C:\WINDOWS\system32\0Ć·.8
2017-03-17 18:09:27 ----D---- C:\WINDOWS\system32\p­ŻÓw
2017-03-17 18:09:25 ----D---- C:\WINDOWS\system32\€Ä·Ów
2017-03-17 16:52:41 ----D---- C:\WINDOWS\system32\P¬×x˙
2017-03-17 16:52:40 ----D---- C:\WINDOWS\system32\ Ëox˙
2017-03-17 13:27:04 ----D---- C:\WINDOWS\system32\pČO¦[
2017-03-17 13:27:04 ----D---- C:\WINDOWS\system32\ Á7¦[
2017-03-17 01:18:09 ----D---- C:\WINDOWS\system32\ Äź5ď
2017-03-16 13:31:22 ----D---- C:\WINDOWS\system32\€°×ĹĎ
2017-03-16 13:31:22 ----D---- C:\WINDOWS\system32\ ĆĎĹĎ
2017-03-16 11:47:48 ----D---- C:\WINDOWS\system32\PĆź(Ô
2017-03-16 01:01:55 ----D---- C:\WINDOWS\system32\pÉ˙
2017-03-15 23:26:54 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2017-03-15 23:26:48 ----A---- C:\WINDOWS\SYSWOW64\WPDShServiceObj.dll
2017-03-15 23:26:48 ----A---- C:\WINDOWS\SYSWOW64\wlanui.dll
2017-03-15 23:26:47 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2017-03-15 23:26:47 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2017-03-15 23:26:47 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2017-03-15 23:26:47 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2017-03-15 23:26:47 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-03-15 23:26:46 ----A---- C:\WINDOWS\SYSWOW64\tapi32.dll
2017-03-15 23:26:46 ----A---- C:\WINDOWS\SYSWOW64\msutb.dll
2017-03-15 23:26:46 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-03-15 23:26:46 ----A---- C:\WINDOWS\SYSWOW64\mscandui.dll
2017-03-15 23:26:46 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2017-03-15 23:26:45 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-03-15 23:26:45 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2017-03-15 23:26:45 ----A---- C:\WINDOWS\SYSWOW64\RADCUI.dll
2017-03-15 23:26:45 ----A---- C:\WINDOWS\SYSWOW64\msctfui.dll
2017-03-15 23:26:45 ----A---- C:\WINDOWS\SYSWOW64\msctfp.dll
2017-03-15 23:26:45 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-03-15 23:26:44 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2017-03-15 23:26:44 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2017-03-15 23:26:44 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-03-15 23:26:44 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-03-15 23:26:44 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-03-15 23:26:42 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2017-03-15 23:26:41 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2017-03-15 23:26:41 ----A---- C:\WINDOWS\SYSWOW64\PhotoScreensaver.scr
2017-03-15 23:26:40 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-03-15 23:26:40 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2017-03-15 23:26:39 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2017-03-15 23:26:37 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-03-15 23:26:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.Search.dll
2017-03-15 23:26:35 ----A---- C:\WINDOWS\SYSWOW64\mmc.exe
2017-03-15 23:26:32 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-03-15 23:26:28 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-03-15 23:26:25 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-03-15 23:26:25 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2017-03-15 23:26:24 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2017-03-15 23:26:24 ----A---- C:\WINDOWS\SYSWOW64\ddrawex.dll
2017-03-15 23:26:24 ----A---- C:\WINDOWS\SYSWOW64\ddraw.dll
2017-03-15 23:26:24 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2017-03-15 23:26:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-03-15 23:26:23 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2017-03-15 23:26:23 ----A---- C:\WINDOWS\SYSWOW64\d3d12SDKLayers.dll
2017-03-15 23:26:22 ----A---- C:\WINDOWS\SYSWOW64\VsGraphicsDesktopEngine.exe
2017-03-15 23:26:20 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2017-03-15 23:26:19 ----A---- C:\WINDOWS\SYSWOW64\msdtcuiu.dll
2017-03-15 23:26:18 ----A---- C:\WINDOWS\SYSWOW64\mtxclu.dll
2017-03-15 23:26:18 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2017-03-15 23:26:18 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2017-03-15 23:26:16 ----A---- C:\WINDOWS\SYSWOW64\PCPTpm12.dll
2017-03-15 23:26:16 ----A---- C:\WINDOWS\SYSWOW64\azroleui.dll
2017-03-15 23:26:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2017-03-15 23:26:13 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-03-15 23:26:13 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2017-03-15 23:26:13 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\mssphtb.dll
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2017-03-15 23:26:12 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2017-03-15 23:26:11 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2017-03-15 23:26:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2017-03-15 23:26:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Ocr.dll
2017-03-15 23:26:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.FaceAnalysis.dll
2017-03-15 23:26:10 ----A---- C:\WINDOWS\SYSWOW64\XInputUap.dll
2017-03-15 23:26:10 ----A---- C:\WINDOWS\SYSWOW64\WinRtTracing.dll
2017-03-15 23:26:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 23:26:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-15 23:26:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2017-03-15 23:26:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2017-03-15 23:26:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-03-15 23:26:08 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-03-15 23:26:08 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2017-03-15 23:26:07 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-03-15 23:26:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-15 23:26:07 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2017-03-15 23:26:05 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2017-03-15 23:26:05 ----A---- C:\WINDOWS\SYSWOW64\GamePanelExternalHook.dll
2017-03-15 23:26:04 ----A---- C:\WINDOWS\SYSWOW64\wsp_sr.dll
2017-03-15 23:26:04 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-03-15 23:26:04 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-03-15 23:26:04 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2017-03-15 23:26:04 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2017-03-15 23:26:03 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2017-03-15 23:26:03 ----A---- C:\WINDOWS\SYSWOW64\WMPDMC.exe
2017-03-15 23:26:03 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2017-03-15 23:26:03 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-03-15 23:26:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-03-15 23:26:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-03-15 23:26:02 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-03-15 23:26:02 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-03-15 23:26:01 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-03-15 23:26:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2017-03-15 23:26:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2017-03-15 23:25:59 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2017-03-15 23:25:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-15 23:25:58 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-03-15 23:25:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-03-15 23:25:57 ----A---- C:\WINDOWS\SYSWOW64\WsmWmiPl.dll
2017-03-15 23:25:57 ----A---- C:\WINDOWS\SYSWOW64\wmpmde.dll
2017-03-15 23:25:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2017-03-15 23:25:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2017-03-15 23:25:57 ----A---- C:\WINDOWS\SYSWOW64\wcnwiz.dll
2017-03-15 23:25:56 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2017-03-15 23:25:56 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2017-03-15 23:25:56 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2017-03-15 23:25:56 ----A---- C:\WINDOWS\SYSWOW64\Pimstore.dll
2017-03-15 23:25:56 ----A---- C:\WINDOWS\SYSWOW64\cemapi.dll
2017-03-15 23:25:55 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-03-15 23:25:55 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-03-15 23:25:55 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-03-15 23:25:55 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2017-03-15 23:25:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-03-15 23:25:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2017-03-15 23:25:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2017-03-15 23:25:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-03-15 23:25:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-15 23:25:53 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2017-03-15 23:25:53 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-03-15 23:25:53 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2017-03-15 23:25:53 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2017-03-15 23:25:53 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2017-03-15 23:25:53 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2017-03-15 23:25:53 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2017-03-15 23:25:53 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2017-03-15 23:25:52 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2017-03-15 23:25:52 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-03-15 23:25:52 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2017-03-15 23:25:51 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-03-15 23:25:51 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2017-03-15 23:25:51 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-03-15 23:25:51 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-03-15 23:25:51 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2017-03-15 23:25:51 ----A---- C:\WINDOWS\SYSWOW64\tcpipcfg.dll
2017-03-15 23:25:50 ----A---- C:\WINDOWS\SYSWOW64\netiougc.exe
2017-03-15 23:25:50 ----A---- C:\WINDOWS\SYSWOW64\netiohlp.dll
2017-03-15 23:25:50 ----A---- C:\WINDOWS\SYSWOW64\IPHLPAPI.DLL
2017-03-15 23:25:49 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2017-03-15 23:25:49 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-03-15 23:25:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.SystemManagement.dll
2017-03-15 23:25:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 23:25:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-03-15 23:25:48 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2017-03-15 23:25:48 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-03-15 23:25:46 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-03-15 23:25:46 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2017-03-15 23:25:46 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-03-15 23:25:46 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-03-15 23:25:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-15 23:25:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2017-03-15 23:25:45 ----A---- C:\WINDOWS\SYSWOW64\vaultcli.dll
2017-03-15 23:25:45 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2017-03-15 23:25:45 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-03-15 23:25:45 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2017-03-15 23:25:45 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2017-03-15 23:25:45 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-03-15 23:25:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-03-15 23:25:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2017-03-15 23:25:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-03-15 23:25:44 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-03-15 23:25:44 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-03-15 23:25:43 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-03-15 23:25:43 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-03-15 23:25:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 23:25:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-03-15 23:25:42 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2017-03-15 23:25:41 ----A---- C:\WINDOWS\SYSWOW64\regedit.exe
2017-03-15 23:25:41 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2017-03-15 23:25:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2017-03-15 23:25:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 23:25:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2017-03-15 23:25:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2017-03-15 23:25:38 ----A---- C:\WINDOWS\SYSWOW64\ProximityCommon.dll
2017-03-15 23:25:38 ----A---- C:\WINDOWS\SYSWOW64\PrintDialogs.dll
2017-03-15 23:25:37 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2017-03-15 23:25:37 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2017-03-15 23:25:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Perception.Stub.dll
2017-03-15 23:25:37 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2017-03-15 23:25:37 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2017-03-15 23:25:37 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2017-03-15 23:25:36 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-03-15 23:25:36 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2017-03-15 23:25:36 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2017-03-15 23:25:36 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2017-03-15 23:25:36 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2017-03-15 23:25:36 ----A---- C:\WINDOWS\SYSWOW64\findnetprinters.dll
2017-03-15 23:25:36 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2017-03-15 23:25:35 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSetup.exe
2017-03-15 23:25:35 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2017-03-15 23:25:34 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2017-03-15 23:25:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 23:25:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.HostName.dll
2017-03-15 23:25:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2017-03-15 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-15 23:25:29 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2017-03-15 23:25:29 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2017-03-15 23:25:29 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-03-15 23:25:29 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2017-03-15 23:25:28 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-03-15 23:25:28 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2017-03-15 23:25:28 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2017-03-15 23:25:27 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2017-03-15 23:25:27 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2017-03-15 23:25:27 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-03-15 23:25:26 ----A---- C:\WINDOWS\SYSWOW64\MFPlay.dll
2017-03-15 23:25:26 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2017-03-15 23:25:26 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-03-15 23:25:26 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-03-15 23:25:25 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-03-15 23:25:25 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-03-15 23:25:25 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2017-03-15 23:25:25 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2017-03-15 23:25:24 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-03-15 23:25:24 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-03-15 23:25:22 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2017-03-15 23:25:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2017-03-15 23:25:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2017-03-15 23:25:22 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2017-03-15 23:25:22 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2017-03-15 23:25:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2017-03-15 23:25:21 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-03-15 23:25:21 ----A---- C:\WINDOWS\SYSWOW64\MCCSEngineShared.dll
2017-03-15 23:25:21 ----A---- C:\WINDOWS\SYSWOW64\DavSyncProvider.dll
2017-03-15 23:25:21 ----A---- C:\WINDOWS\SYSWOW64\accountaccessor.dll
2017-03-15 23:25:20 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-03-15 23:25:20 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2017-03-15 23:25:20 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2017-03-15 23:25:20 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2017-03-15 23:25:20 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2017-03-15 23:25:20 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-03-15 23:25:18 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-03-15 23:25:18 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2017-03-15 23:25:18 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-03-15 23:25:18 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll
2017-03-15 23:25:18 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-03-15 23:25:18 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2017-03-15 23:25:17 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-03-15 23:25:17 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2017-03-15 23:25:17 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2017-03-15 23:25:17 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2017-03-15 23:25:15 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-03-15 23:25:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2017-03-15 23:25:13 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2017-03-15 23:25:13 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-03-15 23:25:11 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-03-15 23:25:09 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2017-03-15 23:25:08 ----A---- C:\WINDOWS\SYSWOW64\mscms.dll
2017-03-15 23:25:08 ----A---- C:\WINDOWS\SYSWOW64\icm32.dll
2017-03-15 23:25:08 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-03-15 23:25:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-03-15 23:25:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2017-03-15 23:25:01 ----A---- C:\WINDOWS\SYSWOW64\imapi2fs.dll
2017-03-15 23:25:01 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2017-03-15 23:25:01 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-03-15 23:25:00 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-03-15 23:25:00 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-03-15 23:24:59 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2017-03-15 23:24:59 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2017-03-15 23:24:59 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2017-03-15 23:24:58 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-03-15 23:24:58 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-03-15 23:24:58 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-03-15 23:24:58 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2017-03-15 23:24:58 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2017-03-15 23:24:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-03-15 23:24:57 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-03-15 23:24:57 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2017-03-15 23:24:56 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2017-03-15 23:24:56 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-03-15 23:24:56 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2017-03-15 23:24:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-03-15 23:24:55 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-03-15 23:24:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-03-15 23:24:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll
2017-03-15 23:24:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2017-03-15 23:24:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2017-03-15 23:24:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2017-03-15 23:24:54 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-03-15 23:24:54 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2017-03-15 23:24:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-03-15 23:24:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll
2017-03-15 23:24:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2017-03-15 23:24:53 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-03-15 23:24:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2017-03-15 23:24:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll
2017-03-15 23:24:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2017-03-15 23:24:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 23:24:52 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2017-03-15 23:24:51 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2017-03-15 23:24:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SerialCommunication.dll
2017-03-15 23:24:51 ----A---- C:\WINDOWS\SYSWOW64\CryptoWinRT.dll
2017-03-15 23:24:51 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-03-15 23:24:50 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2017-03-15 23:24:50 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2017-03-15 23:24:50 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2017-03-15 23:24:50 ----A---- C:\WINDOWS\SYSWOW64\CameraCaptureUI.dll
2017-03-15 23:24:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll
2017-03-15 23:24:49 ----A---- C:\WINDOWS\SYSWOW64\CloudBackupSettings.dll
2017-03-15 23:24:49 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-03-15 23:24:49 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-03-15 23:24:49 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2017-03-15 23:24:49 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2017-03-15 23:24:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-15 23:24:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-03-15 23:24:47 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-03-15 23:24:47 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2017-03-15 23:24:46 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2017-03-15 23:24:46 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-03-15 23:24:46 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2017-03-15 23:24:46 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-03-15 23:24:46 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2017-03-15 23:24:46 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2017-03-15 23:24:46 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2017-03-15 23:24:45 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2017-03-15 23:16:02 ----A---- C:\WINDOWS\system32\tquery.dll
2017-03-15 23:16:02 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 23:16:02 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 23:16:02 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 23:16:01 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 23:16:01 ----A---- C:\WINDOWS\system32\mssvp.dll
2017-03-15 23:16:01 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-03-15 23:16:01 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-03-15 23:16:01 ----A---- C:\WINDOWS\system32\mssphtb.dll
2017-03-15 23:16:01 ----A---- C:\WINDOWS\system32\mssph.dll
2017-03-15 23:16:01 ----A---- C:\WINDOWS\system32\mssitlb.dll
2017-03-15 23:16:00 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 23:15:59 ----A---- C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 23:15:59 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 23:15:59 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-15 23:15:59 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-15 23:15:59 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 23:15:58 ----A---- C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 23:15:58 ----A---- C:\WINDOWS\system32\wlidprov.dll
2017-03-15 23:15:58 ----A---- C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 23:15:57 ----A---- C:\WINDOWS\system32\XInputUap.dll
2017-03-15 23:15:57 ----A---- C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 23:15:57 ----A---- C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 23:15:57 ----A---- C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 23:15:57 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 23:15:52 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 23:15:50 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 23:15:50 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 23:15:50 ----A---- C:\WINDOWS\system32\AppContracts.dll
2017-03-15 23:15:36 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-03-15 23:15:36 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-03-15 23:15:36 ----A---- C:\WINDOWS\system32\icfupgd.dll
2017-03-15 23:15:13 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 23:15:13 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 23:15:13 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2017-03-15 23:15:12 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-03-15 23:15:08 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 23:14:59 ----A---- C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-15 23:14:59 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-03-15 23:14:58 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 23:14:57 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 23:14:57 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 23:14:56 ----A---- C:\WINDOWS\system32\wwanmm.dll
2017-03-15 23:14:56 ----A---- C:\WINDOWS\system32\wwanconn.dll
2017-03-15 23:14:55 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-03-15 23:14:55 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2017-03-15 23:14:55 ----A---- C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 23:14:54 ----A---- C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 23:14:54 ----A---- C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 23:14:53 ----A---- C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 23:14:53 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-03-15 23:14:53 ----A---- C:\WINDOWS\system32\mispace.dll
2017-03-15 23:14:51 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 23:14:50 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-15 23:14:49 ----A---- C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 23:14:49 ----A---- C:\WINDOWS\system32\wlanui.dll
2017-03-15 23:14:49 ----A---- C:\WINDOWS\system32\wintrust.dll
2017-03-15 23:14:48 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-03-15 23:14:48 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 23:14:48 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-03-15 23:14:47 ----A---- C:\WINDOWS\system32\winmde.dll
2017-03-15 23:14:47 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 23:14:47 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 23:14:46 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-03-15 23:14:46 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-03-15 23:14:46 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 23:14:45 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 23:14:45 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 23:14:45 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-03-15 23:14:44 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-03-15 23:14:44 ----A---- C:\WINDOWS\system32\WwaApi.dll
2017-03-15 23:14:44 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 23:14:44 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 23:14:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-03-15 23:14:43 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 23:14:41 ----A---- C:\WINDOWS\system32\wups.dll
2017-03-15 23:14:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-03-15 23:14:41 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 23:14:40 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-03-15 23:14:40 ----A---- C:\WINDOWS\system32\wmpmde.dll
2017-03-15 23:14:40 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 23:14:40 ----A---- C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 23:14:39 ----A---- C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 23:14:39 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 23:14:38 ----A---- C:\WINDOWS\system32\VSSVC.exe
2017-03-15 23:14:38 ----A---- C:\WINDOWS\system32\vssapi.dll
2017-03-15 23:14:38 ----A---- C:\WINDOWS\system32\vds.exe
2017-03-15 23:14:38 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 23:14:37 ----A---- C:\WINDOWS\system32\usoapi.dll
2017-03-15 23:14:37 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 23:14:37 ----A---- C:\WINDOWS\system32\usercpl.dll
2017-03-15 23:14:37 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 23:14:37 ----A---- C:\WINDOWS\system32\Pimstore.dll
2017-03-15 23:14:37 ----A---- C:\WINDOWS\system32\DuCsps.dll
2017-03-15 23:14:37 ----A---- C:\WINDOWS\system32\cemapi.dll
2017-03-15 23:14:36 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 23:14:35 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 23:14:35 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 23:14:35 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 23:14:33 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-15 23:14:28 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 23:14:28 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 23:14:27 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 23:14:27 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-15 23:14:27 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 23:14:26 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 23:14:25 ----A---- C:\WINDOWS\system32\usocore.dll
2017-03-15 23:14:25 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-03-15 23:14:24 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-15 23:14:24 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 23:14:24 ----A---- C:\WINDOWS\system32\ubpm.dll
2017-03-15 23:14:24 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 23:14:23 ----A---- C:\WINDOWS\system32\UserDataService.dll
2017-03-15 23:14:21 ----A---- C:\WINDOWS\system32\VCardParser.dll
2017-03-15 23:14:21 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 23:14:21 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 23:14:21 ----A---- C:\WINDOWS\system32\ExSMime.dll
2017-03-15 23:14:21 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-03-15 23:14:20 ----A---- C:\WINDOWS\system32\ChatApis.dll
2017-03-15 23:14:20 ----A---- C:\WINDOWS\system32\EmailApis.dll
2017-03-15 23:14:20 ----A---- C:\WINDOWS\system32\ContactApis.dll
2017-03-15 23:14:20 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 23:14:19 ----A---- C:\WINDOWS\system32\Unistore.dll
2017-03-15 23:14:18 ----A---- C:\WINDOWS\system32\twinui.dll
2017-03-15 23:14:18 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 23:14:17 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 23:14:17 ----A---- C:\WINDOWS\system32\twinapi.dll
2017-03-15 23:14:17 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 23:14:16 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 23:14:16 ----A---- C:\WINDOWS\system32\thumbcache.dll
2017-03-15 23:14:16 ----A---- C:\WINDOWS\system32\themecpl.dll
2017-03-15 23:14:15 ----A---- C:\WINDOWS\system32\netiougc.exe
2017-03-15 23:14:15 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-03-15 23:14:14 ----A---- C:\WINDOWS\system32\netiohlp.dll
2017-03-15 23:14:14 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-03-15 23:14:14 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2017-03-15 23:14:13 ----A---- C:\WINDOWS\system32\tapi32.dll
2017-03-15 23:14:13 ----A---- C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 23:14:12 ----A---- C:\WINDOWS\system32\tabcal.exe
2017-03-15 23:14:11 ----A---- C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 23:14:11 ----A---- C:\WINDOWS\system32\mscandui.dll
2017-03-15 23:14:11 ----A---- C:\WINDOWS\system32\input.dll
2017-03-15 23:14:09 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-03-15 23:14:09 ----A---- C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 23:14:08 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 23:14:07 ----A---- C:\WINDOWS\system32\RADCUI.dll
2017-03-15 23:14:07 ----A---- C:\WINDOWS\system32\msutb.dll
2017-03-15 23:14:07 ----A---- C:\WINDOWS\system32\msctfui.dll
2017-03-15 23:14:07 ----A---- C:\WINDOWS\system32\msctf.dll
2017-03-15 23:14:06 ----A---- C:\WINDOWS\system32\systemreset.exe
2017-03-15 23:14:06 ----A---- C:\WINDOWS\system32\msctfp.dll
2017-03-15 23:14:05 ----A---- C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 23:14:05 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 23:14:05 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-03-15 23:14:04 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 23:14:04 ----A---- C:\WINDOWS\system32\sud.dll
2017-03-15 23:14:03 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 23:14:03 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 23:14:03 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-03-15 23:14:02 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 23:14:01 ----A---- C:\WINDOWS\system32\storagewmi.dll
2017-03-15 23:14:01 ----A---- C:\WINDOWS\system32\stobject.dll
2017-03-15 23:14:01 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 23:13:57 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-03-15 23:13:57 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2017-03-15 23:13:56 ----A---- C:\WINDOWS\system32\scksp.dll
2017-03-15 23:13:56 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-03-15 23:13:56 ----A---- C:\WINDOWS\system32\certprop.dll
2017-03-15 23:13:56 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-03-15 23:13:55 ----A---- C:\WINDOWS\system32\shutdownux.dll
2017-03-15 23:13:55 ----A---- C:\WINDOWS\system32\shell32.dll
2017-03-15 23:13:54 ----A---- C:\WINDOWS\system32\SHCore.dll
2017-03-15 23:13:54 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 23:13:54 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 23:13:53 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 23:13:53 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 23:13:53 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 23:13:53 ----A---- C:\WINDOWS\system32\SettingSync.dll
2017-03-15 23:13:53 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 23:13:53 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 23:13:52 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 23:13:52 ----A---- C:\WINDOWS\system32\vaultcli.dll
2017-03-15 23:13:52 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 23:13:52 ----A---- C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 23:13:52 ----A---- C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 23:13:52 ----A---- C:\WINDOWS\system32\AuthHost.exe
2017-03-15 23:13:51 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 23:13:51 ----A---- C:\WINDOWS\system32\tbauth.dll
2017-03-15 23:13:51 ----A---- C:\WINDOWS\system32\schannel.dll
2017-03-15 23:13:51 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 23:13:50 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 23:13:50 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-03-15 23:13:49 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-03-15 23:13:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-03-15 23:13:48 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-03-15 23:13:48 ----A---- C:\WINDOWS\system32\sdshext.dll
2017-03-15 23:13:48 ----A---- C:\WINDOWS\system32\sdengin2.dll
2017-03-15 23:13:48 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-03-15 23:13:47 ----A---- C:\WINDOWS\system32\spaceman.exe
2017-03-15 23:13:47 ----A---- C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 23:13:47 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 23:13:46 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 23:13:46 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 23:13:46 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-15 23:13:44 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-15 23:13:44 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 23:13:44 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 23:13:44 ----A---- C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 23:13:44 ----A---- C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 23:13:43 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 23:13:43 ----A---- C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 23:13:43 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-03-15 23:13:42 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 23:13:42 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 23:13:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 23:13:39 ----A---- C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 23:13:38 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 23:13:38 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 23:13:37 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 23:13:37 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 23:13:37 ----A---- C:\WINDOWS\system32\RelPost.exe
2017-03-15 23:13:36 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 23:13:36 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2017-03-15 23:13:36 ----A---- C:\WINDOWS\regedit.exe
2017-03-15 23:13:35 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-03-15 23:13:35 ----A---- C:\WINDOWS\system32\rasgcw.dll
2017-03-15 23:13:35 ----A---- C:\WINDOWS\system32\mprddm.dll
2017-03-15 23:13:33 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 23:13:33 ----A---- C:\WINDOWS\system32\vpnike.dll
2017-03-15 23:13:33 ----A---- C:\WINDOWS\system32\rascustom.dll
2017-03-15 23:13:32 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-03-15 23:13:31 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 23:13:31 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 23:13:31 ----A---- C:\WINDOWS\system32\spoolsv.exe
2017-03-15 23:13:30 ----A---- C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 23:13:30 ----A---- C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 23:13:29 ----A---- C:\WINDOWS\system32\pnidui.dll
2017-03-15 23:13:29 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 23:13:29 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 23:13:29 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 23:13:28 ----A---- C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-15 23:13:27 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 23:13:27 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2017-03-15 23:13:26 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2017-03-15 23:13:25 ----A---- C:\WINDOWS\system32\wpnapps.dll
2017-03-15 23:13:25 ----A---- C:\WINDOWS\system32\Wpc.dll
2017-03-15 23:13:23 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-03-15 23:13:23 ----A---- C:\WINDOWS\system32\localspl.dll
2017-03-15 23:13:22 ----A---- C:\WINDOWS\system32\wpncore.dll
2017-03-15 23:13:22 ----A---- C:\WINDOWS\system32\WpcMon.exe
2017-03-15 23:13:21 ----A---- C:\WINDOWS\system32\wpninprc.dll
2017-03-15 23:13:21 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 23:13:21 ----A---- C:\WINDOWS\system32\puiobj.dll
2017-03-15 23:13:20 ----A---- C:\WINDOWS\system32\puiapi.dll
2017-03-15 23:13:20 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 23:13:19 ----A---- C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 23:13:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 23:13:18 ----A---- C:\WINDOWS\system32\wlansvc.dll
2017-03-15 23:13:18 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-03-15 23:13:18 ----A---- C:\WINDOWS\system32\wlanapi.dll
2017-03-15 23:13:18 ----A---- C:\WINDOWS\system32\wfdprov.dll
2017-03-15 23:13:18 ----A---- C:\WINDOWS\system32\oleacc.dll
2017-03-15 23:13:17 ----A---- C:\WINDOWS\system32\ntshrui.dll
2017-03-15 23:13:17 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-03-15 23:13:15 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 23:13:14 ----A---- C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 23:13:14 ----A---- C:\WINDOWS\system32\netshell.dll
2017-03-15 23:13:13 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 23:13:13 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2017-03-15 23:13:13 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-03-15 23:13:13 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-03-15 23:13:12 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 23:13:12 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 23:13:12 ----A---- C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 23:13:08 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 23:13:08 ----A---- C:\WINDOWS\system32\msxml6.dll
2017-03-15 23:13:08 ----A---- C:\WINDOWS\system32\msxml3.dll
2017-03-15 23:13:08 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 23:13:08 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 23:13:07 ----A---- C:\WINDOWS\system32\mspaint.exe
2017-03-15 23:13:06 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 23:13:05 ----A---- C:\WINDOWS\system32\msftedit.dll
2017-03-15 23:13:04 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 23:13:04 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 23:13:04 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 23:13:02 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 23:13:02 ----A---- C:\WINDOWS\system32\MFPlay.dll
2017-03-15 23:13:01 ----A---- C:\WINDOWS\system32\mfplat.dll
2017-03-15 23:13:01 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 23:13:01 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 23:13:01 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 23:13:01 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 23:13:01 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 23:13:01 ----A---- C:\WINDOWS\system32\mfds.dll
2017-03-15 23:13:01 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-03-15 23:13:00 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-03-15 23:13:00 ----A---- C:\WINDOWS\system32\wmp.dll
2017-03-15 23:13:00 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 23:12:59 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 23:12:59 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 23:12:59 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 23:12:59 ----A---- C:\WINDOWS\system32\mfsvr.dll
2017-03-15 23:12:59 ----A---- C:\WINDOWS\system32\mf.dll
2017-03-15 23:12:59 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 23:12:58 ----A---- C:\WINDOWS\system32\moshost.dll
2017-03-15 23:12:58 ----A---- C:\WINDOWS\system32\mos.dll
2017-03-15 23:12:58 ----A---- C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 23:12:58 ----A---- C:\WINDOWS\system32\MapsStore.dll
2017-03-15 23:12:58 ----A---- C:\WINDOWS\system32\internetmail.dll
2017-03-15 23:12:58 ----A---- C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 23:12:58 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 23:12:57 ----A---- C:\WINDOWS\system32\MapRouter.dll
2017-03-15 23:12:57 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 23:12:57 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 23:12:55 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-03-15 23:12:55 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-03-15 23:12:52 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-03-15 23:12:50 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-15 23:12:50 ----A---- C:\WINDOWS\system32\FrameServer.dll
2017-03-15 23:12:49 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-03-15 23:12:48 ----A---- C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 23:12:48 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 23:12:48 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 23:12:48 ----A---- C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 23:12:48 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 23:12:46 ----A---- C:\WINDOWS\system32\mmc.exe
2017-03-15 23:12:46 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-03-15 23:12:46 ----A---- C:\WINDOWS\system32\appinfo.dll
2017-03-15 23:12:46 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 23:12:45 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 23:12:45 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 23:12:45 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-03-15 23:12:45 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-03-15 23:12:45 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-03-15 23:12:45 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-03-15 23:12:45 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 23:12:43 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-03-15 23:12:43 ----A---- C:\WINDOWS\system32\drivers\tcpipreg.sys
2017-03-15 23:12:39 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-03-15 23:12:39 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2017-03-15 23:12:39 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2017-03-15 23:12:37 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 23:12:37 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 23:12:37 ----A---- C:\WINDOWS\system32\InputService.dll
2017-03-15 23:12:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-03-15 23:12:31 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-03-15 23:12:30 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 23:12:29 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-03-15 23:12:28 ----A---- C:\WINDOWS\system32\icm32.dll
2017-03-15 23:12:26 ----A---- C:\WINDOWS\system32\wininet.dll
2017-03-15 23:12:25 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-03-15 23:12:20 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 23:12:13 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-03-15 23:12:11 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2017-03-15 23:12:10 ----A---- C:\WINDOWS\system32\hgcpl.dll
2017-03-15 23:12:10 ----A---- C:\WINDOWS\HelpPane.exe
2017-03-15 23:12:09 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 23:12:09 ----A---- C:\WINDOWS\system32\gpsvc.dll
2017-03-15 23:12:09 ----A---- C:\WINDOWS\system32\gpapi.dll
2017-03-15 23:12:08 ----A---- C:\WINDOWS\system32\Geolocation.dll
2017-03-15 23:12:08 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-03-15 23:12:08 ----A---- C:\WINDOWS\system32\gameux.dll
2017-03-15 23:12:08 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 23:12:08 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-03-15 23:12:07 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 23:12:07 ----A---- C:\WINDOWS\system32\fhcfg.dll
2017-03-15 23:12:03 ----A---- C:\WINDOWS\system32\resutils.dll
2017-03-15 23:12:03 ----A---- C:\WINDOWS\system32\clusapi.dll
2017-03-15 23:12:01 ----A---- C:\WINDOWS\system32\uReFS.dll
2017-03-15 23:11:59 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 23:11:59 ----A---- C:\WINDOWS\explorer.exe
2017-03-15 23:11:58 ----A---- C:\WINDOWS\system32\werui.dll
2017-03-15 23:11:58 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-03-15 23:11:58 ----A---- C:\WINDOWS\system32\wer.dll
2017-03-15 23:11:58 ----A---- C:\WINDOWS\system32\evr.dll
2017-03-15 23:11:58 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2017-03-15 23:11:57 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 23:11:56 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 23:11:56 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 23:11:56 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 23:11:55 ----A---- C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 23:11:55 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 23:11:55 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 23:11:54 ----A---- C:\WINDOWS\system32\DXP.dll
2017-03-15 23:11:53 ----A---- C:\WINDOWS\system32\dui70.dll
2017-03-15 23:11:53 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 23:11:53 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-03-15 23:11:52 ----A---- C:\WINDOWS\system32\dxgi.dll
2017-03-15 23:11:52 ----A---- C:\WINDOWS\system32\DMRServer.dll
2017-03-15 23:11:52 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 23:11:51 ----A---- C:\WINDOWS\system32\ddrawex.dll
2017-03-15 23:11:51 ----A---- C:\WINDOWS\system32\ddraw.dll
2017-03-15 23:11:51 ----A---- C:\WINDOWS\system32\d3d11.dll
2017-03-15 23:11:50 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 23:11:50 ----A---- C:\WINDOWS\system32\d3d12SDKLayers.dll
2017-03-15 23:11:49 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-03-15 23:11:49 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-03-15 23:11:48 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 23:11:47 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 23:11:47 ----A---- C:\WINDOWS\system32\quartz.dll
2017-03-15 23:11:47 ----A---- C:\WINDOWS\system32\dialclient.dll
2017-03-15 23:11:46 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 23:11:46 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 23:11:46 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 23:11:46 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 23:11:46 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2017-03-15 23:11:46 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 23:11:45 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 23:11:45 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 23:11:45 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 23:11:45 ----A---- C:\WINDOWS\system32\wdp.dll
2017-03-15 23:11:45 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 23:11:44 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 23:11:44 ----A---- C:\WINDOWS\system32\dcntel.dll
2017-03-15 23:11:43 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 23:11:43 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 23:11:43 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-03-15 23:11:42 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 23:11:42 ----A---- C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-03-15 23:11:42 ----A---- C:\WINDOWS\system32\uDWM.dll
2017-03-15 23:11:41 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2017-03-15 23:11:40 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 23:11:38 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 23:11:38 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 23:11:37 ----A---- C:\WINDOWS\system32\policymanager.dll
2017-03-15 23:11:36 ----A---- C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 23:11:35 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 23:11:34 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-03-15 23:11:34 ----A---- C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 23:11:34 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 23:11:34 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 23:11:33 ----A---- C:\WINDOWS\system32\WinTypes.dll
2017-03-15 23:11:33 ----A---- C:\WINDOWS\system32\msdtctm.dll
2017-03-15 23:11:33 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-03-15 23:11:33 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-03-15 23:11:32 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2017-03-15 23:11:32 ----A---- C:\WINDOWS\system32\combase.dll
2017-03-15 23:11:32 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 23:11:32 ----A---- C:\WINDOWS\system32\ci.dll
2017-03-15 23:11:30 ----A---- C:\WINDOWS\system32\cdp.dll
2017-03-15 23:11:29 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 23:11:29 ----A---- C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 23:11:15 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 23:11:14 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 23:11:14 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 23:11:12 ----A---- C:\WINDOWS\system32\comsvcs.dll
2017-03-15 23:11:11 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 23:11:10 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 23:11:05 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 23:11:05 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-03-15 23:11:04 ----A---- C:\WINDOWS\system32\bootux.dll
2017-03-15 23:11:03 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 23:11:02 ----A---- C:\WINDOWS\system32\wbengine.exe
2017-03-15 23:11:02 ----A---- C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 23:11:01 ----A---- C:\WINDOWS\system32\winresume.exe
2017-03-15 23:11:00 ----A---- C:\WINDOWS\system32\winload.exe
2017-03-15 23:10:51 ----A---- C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 23:10:47 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 23:10:47 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-03-15 23:10:47 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 23:10:46 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 23:10:46 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 23:10:46 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 23:10:46 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 23:10:45 ----A---- C:\WINDOWS\system32\apprepsync.dll
2017-03-15 23:10:45 ----A---- C:\WINDOWS\system32\apprepapi.dll
2017-03-15 23:10:44 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 23:10:39 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 23:10:37 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 23:10:37 ----A---- C:\WINDOWS\system32\invagent.dll
2017-03-15 23:10:37 ----A---- C:\WINDOWS\system32\devinv.dll
2017-03-15 23:10:37 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-03-15 23:10:36 ----A---- C:\WINDOWS\system32\authui.dll
2017-03-15 23:10:34 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 23:10:33 ----A---- C:\WINDOWS\system32\aepic.dll
2017-03-15 23:10:27 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-03-15 23:10:26 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 23:10:26 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-03-15 23:10:26 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 23:10:26 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-03-15 23:10:25 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 23:10:25 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-15 23:10:20 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-03-15 23:10:20 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-03-15 23:10:20 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-03-15 23:10:20 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2017-03-15 23:10:20 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2017-03-15 23:10:20 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2017-03-15 23:10:19 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 23:10:19 ----A---- C:\WINDOWS\system32\drivers\IPMIDrv.sys
2017-03-15 23:10:18 ----A---- C:\WINDOWS\system32\icsvcext.dll
2017-03-15 23:09:57 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2017-03-15 23:09:57 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2017-03-15 21:12:54 ----D---- C:\Program Files (x86)\VMware
2017-03-15 20:40:24 ----D---- C:\Users\nimrod\AppData\Roaming\VMware
2017-03-15 20:29:16 ----A---- C:\WINDOWS\system32\drivers\vmkbd.sys
2017-03-15 20:22:15 ----D---- C:\ProgramData\BlueStacksSetup
2017-03-15 20:19:09 ----D---- C:\ProgramData\Apple
2017-03-15 20:19:09 ----AD---- C:\Program Files\Bonjour
2017-03-15 20:19:09 ----AD---- C:\Program Files (x86)\Bonjour
2017-03-15 20:11:41 ----D---- C:\Users\nimrod\AppData\Roaming\Andy
2017-03-15 11:31:44 ----D---- C:\WINDOWS\system32\€ĹÇË°
2017-03-15 11:28:29 ----D---- C:\WINDOWS\system32\p¸wWV
2017-03-15 11:28:29 ----D---- C:\WINDOWS\system32\°ÄGWV
2017-03-15 11:13:33 ----D---- C:\WINDOWS\system32\đĘď)
2017-03-15 11:13:33 ----D---- C:\WINDOWS\system32\`±÷)
2017-03-14 23:39:34 ----D---- C:\WINDOWS\system32\ł
2017-03-14 19:38:16 ----D---- C:\WINDOWS\system32\€°ż˝Ł
2017-03-14 19:33:28 ----D---- C:\WINDOWS\system32\ ąç˝Ł
2017-03-14 19:33:27 ----D---- C:\WINDOWS\system32\€ĘÇ˝Ł
2017-03-14 13:34:48 ----D---- C:\WINDOWS\system32\ Ş˙0‚
2017-03-14 13:34:00 ----D---- C:\WINDOWS\system32\đĂ˙0‚
2017-03-14 11:23:44 ----D---- C:\WINDOWS\system32\pČG'J
2017-03-14 11:23:44 ----D---- C:\WINDOWS\system32\đ¸W'J
2017-03-14 11:19:03 ----D---- C:\WINDOWS\system32\Ŕ·'#®
2017-03-14 03:44:11 ----D---- C:\WINDOWS\system32\ ËŻ6‡
2017-03-14 01:39:55 ----A---- C:\WINDOWS\system32\WebManagement.exe
2017-03-14 01:39:55 ----A---- C:\WINDOWS\system32\SshSftp.exe
2017-03-14 01:39:55 ----A---- C:\WINDOWS\system32\SshSession.exe
2017-03-14 01:39:55 ----A---- C:\WINDOWS\system32\SshProxy.dll
2017-03-14 01:39:55 ----A---- C:\WINDOWS\system32\SshBroker.dll
2017-03-14 00:33:46 ----SD---- C:\WINDOWS\system32\lxss
2017-03-14 00:28:25 ----RSD---- C:\WINDOWS\system32\WindowsDevicePortal
2017-03-14 00:28:25 ----RD---- C:\WINDOWS\WebManagement
2017-03-14 00:28:06 ----A---- C:\WINDOWS\system32\DevToolsLauncher.exe
2017-03-14 00:28:06 ----A---- C:\WINDOWS\system32\DeveloperToolsSvc.exe
2017-03-14 00:28:06 ----A---- C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll
2017-03-14 00:28:06 ----A---- C:\WINDOWS\system32\DeployUtil.exe
2017-03-14 00:28:05 ----A---- C:\WINDOWS\system32\debugregsvcapi.dll
2017-03-14 00:28:05 ----A---- C:\WINDOWS\system32\debugregsvc.dll
2017-03-13 17:45:22 ----D---- C:\WINDOWS\system32\P°ď‘
2017-03-13 14:18:43 ----D---- C:\WINDOWS\system32\0Ä7µm
2017-03-13 13:30:14 ----D---- C:\WINDOWS\system32\p«ź•`
2017-03-13 13:30:10 ----D---- C:\WINDOWS\system32\`ĆŻ•`
2017-03-13 12:21:42 ----D---- C:\WINDOWS\system32\P¶żŞá
2017-03-13 12:21:42 ----D---- C:\WINDOWS\system32\đĂ—Şá
2017-03-13 11:51:31 ----D---- C:\WINDOWS\system32\ŕş·Ń
2017-03-13 11:51:31 ----D---- C:\WINDOWS\system32\ÉŹŃ
2017-03-13 10:22:08 ----D---- C:\WINDOWS\system32\`Äo†
2017-03-12 22:44:55 ----D---- C:\WINDOWS\system32\p«˙ě—
2017-03-12 15:09:53 ----D---- C:\WINDOWS\system32\°·
2017-03-12 12:36:53 ----D---- C:\WINDOWS\system32\ «§,2
2017-03-12 12:31:53 ----D---- C:\WINDOWS\system32\pÄ§,2
2017-03-12 12:31:53 ----D---- C:\WINDOWS\system32\Đ¸Ç,2
2017-03-11 21:12:42 ----D---- C:\WINDOWS\system32\ Č˙áŃ
2017-03-11 19:40:34 ----D---- C:\WINDOWS\system32\`±gňĆ
2017-03-11 19:35:34 ----D---- C:\WINDOWS\system32\°ĘgňĆ
2017-03-11 19:35:34 ----D---- C:\WINDOWS\system32\`łoňĆ
2017-03-11 17:19:52 ----D---- C:\WINDOWS\system32\P˛×…[
2017-03-11 17:15:04 ----D---- C:\WINDOWS\system32\pÉĎ…[
2017-03-11 14:11:56 ----D---- C:\WINDOWS\system32\Ŕ®ź~Z
2017-03-11 13:58:50 ----D---- C:\WINDOWS\system32\ŔÉ—~Z
2017-03-11 13:58:50 ----D---- C:\WINDOWS\system32\P¸Ç~Z
2017-03-11 13:51:40 ----D---- C:\WINDOWS\system32\°şŻÄ!
2017-03-11 12:14:52 ----D---- C:\WINDOWS\system32\ŕşgaş
2017-03-11 12:14:52 ----D---- C:\WINDOWS\system32\ĐÉ_aş
2017-03-11 01:17:46 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2017-03-11 01:17:46 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2017-03-11 01:17:46 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2017-03-11 01:17:46 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2017-03-10 21:24:15 ----D---- C:\WINDOWS\system32\đ®Ż7
2017-03-10 21:19:13 ----D---- C:\WINDOWS\system32\PÉ·7
2017-03-10 21:19:13 ----D---- C:\WINDOWS\system32\€µ×7
2017-03-10 11:46:52 ----D---- C:\WINDOWS\system32\pŻ·ŕŠ
2017-03-10 11:46:52 ----D---- C:\WINDOWS\system32\0ĘÇŕŠ
2017-03-10 10:07:38 ----D---- C:\WINDOWS\system32\PÉ·]ů
2017-03-10 00:55:36 ----D---- C:\WINDOWS\system32\0Çç3ý
2017-03-09 18:18:27 ----D---- C:\WINDOWS\system32\ĐĆ—â®
2017-03-09 17:20:51 ----D---- C:\WINDOWS\Minidump
2017-03-09 11:56:56 ----D---- C:\WINDOWS\system32\đÇ·‚Ľ
2017-03-09 01:03:04 ----D---- C:\WINDOWS\system32\ĘW®Ą
2017-03-08 22:43:47 ----D---- C:\WINDOWS\system32\@É˙Ô›
2017-03-08 16:49:53 ----D---- C:\WINDOWS\system32\Đ¬ç´É
2017-03-08 16:49:52 ----D---- C:\WINDOWS\system32\ ĆĎ´É
2017-03-08 14:42:20 ----D---- C:\WINDOWS\system32\đČß·đ
2017-03-08 14:07:55 ----D---- C:\WINDOWS\system32\­7`2
2017-03-08 13:27:54 ----D---- C:\WINDOWS\system32\ŕĆ7`2
2017-03-08 13:27:54 ----D---- C:\WINDOWS\system32\ ±'`2
2017-03-08 11:48:10 ----D---- C:\WINDOWS\system32\ŔĹ'µµ
2017-03-08 10:20:28 ----D---- C:\WINDOWS\system32\@Çź©
2017-03-07 16:55:05 ----D---- C:\WINDOWS\system32\ŕłĎŔ’
2017-03-07 16:55:05 ----D---- C:\WINDOWS\system32\ÄżŔ’
2017-03-07 16:02:37 ----D---- C:\WINDOWS\system32\ ¸żń-
2017-03-07 15:14:04 ----D---- C:\WINDOWS\system32\@ĆoeT
2017-03-07 15:14:04 ----D---- C:\WINDOWS\system32\@±geT
2017-03-07 11:46:28 ----D---- C:\WINDOWS\system32\˛ßÂĽ
2017-03-07 11:46:27 ----D---- C:\WINDOWS\system32\€ČďÂĽ
2017-03-07 10:46:31 ----D---- C:\WINDOWS\system32\ĐĹ˙b’
2017-03-07 10:25:44 ----D---- C:\WINDOWS\system32\€É_¸3
2017-03-07 10:25:44 ----D---- C:\WINDOWS\system32\`ą‡¸3
2017-03-07 09:43:09 ----D---- C:\WINDOWS\system32\ŔČ˙űJ
2017-03-07 09:43:09 ----D---- C:\WINDOWS\system32\Ŕ®ďűJ
2017-03-07 09:13:12 ----D---- C:\WINDOWS\system32\pČ§Ő~
2017-03-06 20:57:51 ----D---- C:\WINDOWS\Panther
2017-03-06 20:13:56 ----A---- C:\WINDOWS\SYSWOW64\RapidFireServer.dll
2017-03-06 20:13:56 ----A---- C:\WINDOWS\SYSWOW64\Rapidfire.dll
2017-03-06 20:13:56 ----A---- C:\WINDOWS\system32\RapidFireServer64.dll
2017-03-06 20:13:56 ----A---- C:\WINDOWS\system32\Rapidfire64.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\SYSWOW64\GameManager32.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\mantle64.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\GameManager64.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\detoured.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\coinst_16.60.dll
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\clinfo.exe
2017-03-06 20:13:54 ----A---- C:\WINDOWS\system32\atisamu64.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2017-03-06 20:13:52 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atimuixx.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atimpc64.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atig6txx.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atieclxx.exe
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atieah64.exe
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atidxx64.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atidemgy.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\aticfx64.dll
2017-03-06 20:13:52 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2017-03-06 20:13:50 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\SYSWOW64\amfrt32.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\SYSWOW64\amdvlk32.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\system32\OpenCL.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\system32\ati2erec.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\system32\amfrt64.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\system32\amdxc64.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\system32\amdvlk64.dll
2017-03-06 20:13:50 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2017-03-06 20:13:48 ----A---- C:\WINDOWS\SYSWOW64\amdmcl32.dll
2017-03-06 20:13:48 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2017-03-06 20:13:48 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2017-03-06 20:13:48 ----A---- C:\WINDOWS\system32\amdmcl64.dll
2017-03-06 20:13:48 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2017-03-06 20:13:46 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2017-03-06 20:13:46 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2017-03-06 20:13:46 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2017-03-06 20:13:46 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2017-03-06 20:13:46 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2017-03-06 20:13:46 ----A---- C:\WINDOWS\system32\amdave64.dll
2017-03-06 14:17:46 ----D---- C:\WINDOWS\system32\p°ďtŘ
2017-03-06 14:17:44 ----D---- C:\WINDOWS\system32\PČ×tŘ
2017-03-06 13:31:46 ----D---- C:\WINDOWS\system32\p¬‡fF
2017-03-06 13:31:46 ----D---- C:\WINDOWS\system32\Đ¸·fF
2017-03-06 13:11:29 ----D---- C:\WINDOWS\system32\Ŕ¶w!A
2017-03-06 13:11:29 ----D---- C:\WINDOWS\system32\đĹ_!A
2017-03-06 12:11:03 ----D---- C:\WINDOWS\system32\P¶GlÖ
2017-03-06 12:11:03 ----D---- C:\WINDOWS\system32\°Ĺ7lÖ
2017-03-06 11:48:31 ----D---- C:\WINDOWS\system32\P˛—ˇy
2017-03-06 11:48:31 ----D---- C:\WINDOWS\system32\Äżˇy
2017-03-06 00:17:05 ----D---- C:\WINDOWS\system32\ ÄŹf˝
2017-03-05 20:42:14 ----D---- C:\WINDOWS\system32\°±—b#
2017-03-05 20:37:12 ----D---- C:\WINDOWS\system32\0Ćżb#
2017-03-05 20:37:12 ----D---- C:\WINDOWS\system32\°¶Çb#
2017-03-05 20:00:47 ----D---- C:\WINDOWS\system32\PËçqr
2017-03-05 20:00:47 ----D---- C:\WINDOWS\system32\ Şßqr
2017-03-05 17:42:29 ----D---- C:\WINDOWS\system32\pÄG
2017-03-05 15:45:15 ----D---- C:\WINDOWS\system32\«'Ý¤
2017-03-05 15:11:37 ----A---- C:\WINDOWS\system32\drivers\dtliteusbbus.sys
2017-03-05 15:06:03 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2017-03-05 15:05:50 ----D---- C:\Users\nimrod\AppData\Roaming\DAEMON Tools Lite
2017-03-05 15:05:41 ----D---- C:\Program Files\DAEMON Tools Lite
2017-03-05 15:04:56 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-03-05 14:54:39 ----D---- C:\WINDOWS\system32\€Ć'ëň
2017-03-05 13:01:26 ----D---- C:\WINDOWS\system32\p±‡r¬
2017-03-05 12:56:23 ----D---- C:\WINDOWS\system32\ŔĘ‡r¬
2017-03-05 12:56:23 ----D---- C:\WINDOWS\system32\Đ¶Źr¬
2017-03-05 10:36:29 ----D---- C:\WINDOWS\system32\ŕĆ7vť
2017-03-05 10:36:29 ----D---- C:\WINDOWS\system32\ ¸gvť
2017-03-05 09:53:29 ----D---- C:\WINDOWS\system32\ ¬waz
2017-03-05 09:48:28 ----D---- C:\WINDOWS\system32\ŕµ—az
2017-03-05 09:48:28 ----D---- C:\WINDOWS\system32\đĹwaz
2017-03-05 09:04:09 ----D---- C:\WINDOWS\system32\°Ę§Kž
2017-03-04 22:31:15 ----D---- C:\WINDOWS\system32\ŕĘoiŢ
2017-03-04 22:10:30 ----D---- C:\WINDOWS\system32\ ˛żž=
2017-03-04 13:21:42 ----D---- C:\WINDOWS\system32\Ŕ¬·ÉÎ
2017-03-04 13:21:42 ----D---- C:\WINDOWS\system32\@ËżÉÎ
2017-03-04 13:20:19 ----D---- C:\WINDOWS\system32\PŻWwë
2017-03-04 13:15:28 ----D---- C:\WINDOWS\system32\@ČOwë
2017-03-03 19:52:04 ----AD---- C:\Program Files\OpenShot Video Editor
2017-03-03 18:05:19 ----D---- C:\WINDOWS\system32\ĐĹ·’
2017-03-03 16:14:46 ----D---- C:\WINDOWS\system32\ŕŻç8m
2017-03-03 16:14:44 ----D---- C:\WINDOWS\system32\@Ë×8m
2017-03-03 11:46:21 ----D---- C:\WINDOWS\system32\°®Źüô
2017-03-03 11:46:21 ----D---- C:\WINDOWS\system32\€¸żüô
2017-03-03 11:23:34 ----D---- C:\WINDOWS\system32\Ŕł7 4
2017-03-03 11:17:37 ----D---- C:\WINDOWS\system32\ŕł7ëi
2017-03-03 10:34:04 ----D---- C:\WINDOWS\system32\ĐĹ_ľ
2017-03-03 10:34:04 ----D---- C:\WINDOWS\system32\°µŹľ
2017-03-03 00:51:33 ----D---- C:\WINDOWS\system32\ĹżŇß
2017-03-03 00:04:00 ----D---- C:\WINDOWS\system32\PÇ
2017-03-03 00:04:00 ----D---- C:\WINDOWS\system32\pąO+˙
2017-03-02 23:28:46 ----AD---- C:\Program Files\PuTTY
2017-03-02 18:39:14 ----D---- C:\WINDOWS\system32\0ŻŹ[Ż
2017-03-02 18:39:13 ----D---- C:\WINDOWS\system32\pÉź[Ż
2017-03-02 17:56:30 ----D---- C:\WINDOWS\system32\đ¸źE¦
2017-03-02 17:56:30 ----D---- C:\WINDOWS\system32\€Ę—E¦
2017-03-02 17:53:12 ----D---- C:\WINDOWS\system32\PµżgZ
2017-03-02 17:53:12 ----D---- C:\WINDOWS\system32\ĐÉ§gZ
2017-03-02 17:38:31 ----D---- C:\WINDOWS\system32\ŔąßÎ
2017-03-02 17:38:31 ----D---- C:\WINDOWS\system32\đÇŻÎ
2017-03-02 17:33:14 ----D---- C:\WINDOWS\system32\p·Źx‹
2017-03-02 17:33:14 ----D---- C:\WINDOWS\system32\0Ä_x‹
2017-03-02 17:01:28 ----D---- C:\WINDOWS\system32\°ÄżŃ0
2017-03-02 17:01:28 ----D---- C:\WINDOWS\system32\€µçŃ0
2017-03-02 16:58:17 ----D---- C:\WINDOWS\system32\`Ż
2017-03-02 16:58:14 ----D---- C:\WINDOWS\system32\pÄG5Ú
2017-03-02 16:27:57 ----D---- C:\WINDOWS\system32\`ąçJ=
2017-03-02 16:27:57 ----D---- C:\WINDOWS\system32\ ĘĎJ=
2017-03-02 16:17:47 ----D---- C:\WINDOWS\system32\ŕ¶7şY
2017-03-02 16:11:50 ----D---- C:\WINDOWS\system32\pÉ7¤
2017-03-02 16:11:50 ----D---- C:\WINDOWS\system32\şW¤
2017-03-02 15:56:04 ----D---- C:\WINDOWS\system32\PČ7vź
2017-03-02 15:56:04 ----D---- C:\WINDOWS\system32\ µWvź
2017-03-02 15:31:45 ----D---- C:\WINDOWS\system32\pµo‰đ
2017-03-02 15:31:45 ----D---- C:\WINDOWS\system32\ĐËW‰đ
2017-03-02 15:24:15 ----D---- C:\WINDOWS\system32\pË÷öQ
2017-03-02 15:24:15 ----D---- C:\WINDOWS\system32\ ¶'÷Q
2017-03-02 12:14:35 ----D---- C:\WINDOWS\system32\ĐÉ'ÇÇ
2017-03-02 12:14:35 ----D---- C:\WINDOWS\system32\ ·OÇÇ
2017-03-01 21:59:42 ----D---- C:\WINDOWS\system32\`ČĚŇ
2017-03-01 21:59:42 ----D---- C:\WINDOWS\system32\`¸ŹĚŇ
2017-03-01 17:03:54 ----D---- C:\WINDOWS\system32\Ŕ­ů
2017-03-01 17:03:54 ----D---- C:\WINDOWS\system32\ Ĺoů
2017-03-01 14:08:25 ----D---- C:\WINDOWS\system32\pµĎr™
2017-03-01 14:08:25 ----D---- C:\WINDOWS\system32\Ëźr™
2017-03-01 13:28:31 ----D---- C:\WINDOWS\system32\ĐË×gż
2017-03-01 12:01:59 ----D---- C:\WINDOWS\system32\ ­'eÓ
2017-03-01 11:46:32 ----D---- C:\WINDOWS\system32\@ČďąT
2017-03-01 11:44:22 ----D---- C:\WINDOWS\system32\đÉo‡
2017-03-01 11:02:27 ----D---- C:\WINDOWS\system32\Đµ7ZĘ
2017-03-01 10:57:16 ----D---- C:\WINDOWS\system32\P¶Ź(c
2017-03-01 10:57:16 ----D---- C:\WINDOWS\system32\Ä(c
2017-03-01 10:53:41 ----D---- C:\WINDOWS\system32\Ë˙mĎ
2017-03-01 10:53:41 ----D---- C:\WINDOWS\system32\ ·'nĎ
2017-03-01 10:35:30 ----D---- C:\WINDOWS\system32\ĘW5…
2017-03-01 10:35:30 ----D---- C:\WINDOWS\system32\€ą_5…
2017-03-01 10:32:13 ----D---- C:\WINDOWS\system32\€Ĺ÷µb
2017-03-01 00:06:23 ----D---- C:\WINDOWS\system32\đĆgÎĂ
2017-02-28 15:14:40 ----D---- C:\WINDOWS\system32\Ŕ±÷ü¶
2017-02-28 15:09:47 ----D---- C:\WINDOWS\system32\Đ¸˙ü¶
2017-02-28 13:00:42 ----D---- C:\WINDOWS\system32\`­'±ä
2017-02-28 11:45:42 ----D---- C:\WINDOWS\system32\°Ć'±ä
2017-02-28 11:36:34 ----D---- C:\WINDOWS\system32\ĐÄwěś
2017-02-28 11:36:34 ----D---- C:\WINDOWS\system32\Đµěś
2017-02-28 11:16:39 ----D---- C:\WINDOWS\system32\ŔĘ'„×
2017-02-28 11:04:36 ----D---- C:\WINDOWS\system32\Ŕş'ĘŽ
2017-02-28 10:58:43 ----D---- C:\WINDOWS\system32\@Ëo
2017-02-28 10:56:26 ----D---- C:\WINDOWS\system32\pČGÉÜ
2017-02-28 10:56:26 ----D---- C:\WINDOWS\system32\đ¸oÉÜ
2017-02-28 03:08:12 ----D---- C:\WINDOWS\system32\ĐČç x
2017-02-27 22:23:12 ----D---- C:\WINDOWS\system32\đ°oŞ
2017-02-27 22:18:15 ----D---- C:\WINDOWS\system32\P¶—Ş
2017-02-27 22:18:15 ----D---- C:\WINDOWS\system32\ ÇgŞ
2017-02-27 20:25:45 ----D---- C:\WINDOWS\system32\p®wr^
2017-02-27 17:50:43 ----D---- C:\WINDOWS\system32\0Ç‡r^
2017-02-27 13:31:05 ----D---- C:\WINDOWS\system32\Đ±ďíb
2017-02-27 13:31:05 ----D---- C:\WINDOWS\system32\ Ęßíb
2017-02-27 11:03:27 ----D---- C:\WINDOWS\system32\đĂ·Ů
2017-02-27 11:03:27 ----D---- C:\WINDOWS\system32\¶żŮ
2017-02-27 10:50:56 ----D---- C:\WINDOWS\system32\ŕ¶ďîs
2017-02-27 10:50:56 ----D---- C:\WINDOWS\system32\ĐĹçîs
2017-02-27 09:36:00 ----D---- C:\WINDOWS\system32\ŔČ_úŔ
2017-02-27 09:36:00 ----D---- C:\WINDOWS\system32\ °GúŔ
2017-02-26 17:52:47 ----D---- C:\WINDOWS\system32\P¸‡bŽ
2017-02-26 17:52:46 ----D---- C:\WINDOWS\system32\ŕĆ_bŽ
2017-02-26 00:03:44 ----D---- C:\WINDOWS\system32\pÉż˝Đ
2017-02-25 19:05:03 ----D---- C:\WINDOWS\system32\PÉŹôZ
2017-02-25 19:05:03 ----D---- C:\WINDOWS\system32\đ¬‡ôZ
2017-02-25 14:39:13 ----D---- C:\WINDOWS\system32\±ďę—
2017-02-25 14:39:13 ----D---- C:\WINDOWS\system32\ Ćçę—
2017-02-25 12:59:50 ----D---- C:\WINDOWS\system32\pŻ_6Ô
2017-02-25 12:54:53 ----D---- C:\WINDOWS\system32\Đ·‡6Ô
2017-02-25 12:54:53 ----D---- C:\WINDOWS\system32\€Çg6Ô
2017-02-24 20:37:12 ----D---- C:\WINDOWS\system32\ĐŞ÷[Ă
2017-02-24 20:24:10 ----D---- C:\WINDOWS\system32\ Ä÷[Ă
2017-02-24 20:20:29 ----D---- C:\WINDOWS\system32\ŕ¶ÇÝ·
2017-02-24 20:20:28 ----D---- C:\WINDOWS\system32\`Ç—Ý·
2017-02-24 13:28:18 ----D---- C:\WINDOWS\system32\±˙Ťł
2017-02-24 11:41:43 ----D---- C:\WINDOWS\system32\ŕÉŹSí
2017-02-24 11:41:43 ----D---- C:\WINDOWS\system32\€şźSí
2017-02-24 11:30:51 ----D---- C:\WINDOWS\system32\0ĘŹĺś
2017-02-24 11:30:51 ----D---- C:\WINDOWS\system32\`´Żĺś
2017-02-24 11:05:25 ----D---- C:\WINDOWS\system32\0Ćę®
2017-02-24 11:05:25 ----D---- C:\WINDOWS\system32\`´Źę®
2017-02-24 10:50:23 ----D---- C:\WINDOWS\system32\Đş_Ó‡
2017-02-24 10:44:08 ----D---- C:\WINDOWS\system32\ĐĹw±°
2017-02-24 10:44:08 ----D---- C:\WINDOWS\system32\·§±°
2017-02-24 10:39:58 ----D---- C:\WINDOWS\system32\@łç ¶
2017-02-24 10:35:32 ----D---- C:\WINDOWS\system32\ł_ŃT
2017-02-24 10:23:13 ----D---- C:\WINDOWS\system32\Çżňđ
2017-02-23 18:47:58 ----D---- C:\WINDOWS\system32\0ÉĎ3Q
2017-02-23 18:19:08 ----D---- C:\WINDOWS\system32\@Čwňď
2017-02-23 18:19:08 ----D---- C:\WINDOWS\system32\ ±Çňď
2017-02-23 17:15:24 ----D---- C:\WINDOWS\system32\ şŹZ3
2017-02-23 17:15:23 ----D---- C:\WINDOWS\system32\€Ä‡Z3
2017-02-23 16:58:21 ----D---- C:\WINDOWS\system32\ ·'#Í
2017-02-23 13:34:29 ----D---- C:\WINDOWS\system32\P¬ç&Ť
2017-02-23 13:34:29 ----D---- C:\WINDOWS\system32\€Ç÷&Ť
2017-02-23 13:25:42 ----D---- C:\WINDOWS\system32\łgŘ}
2017-02-23 11:53:02 ----D---- C:\WINDOWS\system32\ ÇO•Ť
2017-02-23 04:17:58 ----D---- C:\WINDOWS\system32\ ÉwVÖ
2017-02-22 20:39:56 ----D---- C:\WINDOWS\system32\pÄ˙…ż
2017-02-22 20:39:56 ----D---- C:\WINDOWS\system32\Pµ'†ż
2017-02-22 20:09:41 ----D---- C:\WINDOWS\system32\đ®
2017-02-22 18:46:06 ----D---- C:\WINDOWS\system32\đ®Oś·
2017-02-22 18:46:06 ----D---- C:\WINDOWS\system32\ ÄWś·
2017-02-22 17:57:36 ----D---- C:\WINDOWS\system32\ĆoT;
2017-02-22 17:43:14 ----D---- C:\WINDOWS\system32\ŔĘŻ6K
2017-02-22 17:43:14 ----D---- C:\WINDOWS\system32\¶ß6K
2017-02-22 17:36:51 ----D---- C:\WINDOWS\system32\ĐÉW÷Ř
2017-02-22 17:33:12 ----D---- C:\WINDOWS\system32\đµG—a
2017-02-22 17:30:13 ----D---- C:\WINDOWS\system32\@¸'~•
2017-02-22 17:30:13 ----D---- C:\WINDOWS\system32\ Ę÷}•
2017-02-22 14:36:54 ----D---- C:\WINDOWS\system32\ Ëż˛Ň
2017-02-22 13:34:46 ----D---- C:\WINDOWS\system32\đĂ'µó
2017-02-22 03:02:40 ----D---- C:\WINDOWS\system32\Ć—˝ń
2017-02-22 00:21:40 ----D---- C:\WINDOWS\system32\P±Ouz
2017-02-22 00:16:45 ----D---- C:\WINDOWS\system32\ŔËguz
2017-02-22 00:16:45 ----D---- C:\WINDOWS\system32\€łuz
2017-02-21 13:38:23 ----D---- C:\WINDOWS\system32\0¶çS
2017-02-21 13:37:22 ----D---- C:\WINDOWS\system32\0°OS
2017-02-21 13:37:19 ----D---- C:\WINDOWS\system32\@ÇWS
2017-02-21 12:36:11 ----D---- C:\Users\nimrod\AppData\Roaming\NetBeans
2017-02-21 12:29:13 ----D---- C:\WINDOWS\system32\ŕÇ§aŁ
2017-02-20 22:33:37 ----D---- C:\Program Files\Apache Software Foundation
2017-02-20 22:24:03 ----AD---- C:\Program Files\NetBeans 8.2
2017-02-20 21:38:02 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-02-20 21:34:39 ----D---- C:\Program Files\Java
2017-02-20 10:19:49 ----D---- C:\WINDOWS\system32\@Ĺ·ÜĘ
2017-02-20 03:04:01 ----D---- C:\WINDOWS\system32\°ĆßĹ‡
2017-02-20 01:37:41 ----D---- C:\OPENPUFF
2017-02-19 17:49:57 ----D---- C:\WINDOWS\system32\ Ż'(7
2017-02-19 17:49:54 ----D---- C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ru˛vű
2017-02-19 12:55:15 ----D---- C:\WINDOWS\system32\P±_wý
2017-02-19 12:52:36 ----D---- C:\WINDOWS\system32\€¶wý
2017-02-19 12:52:35 ----D---- C:\WINDOWS\system32\ Ę_wý
2017-02-19 12:40:05 ----D---- C:\AMD
2017-02-18 22:04:07 ----D---- C:\WINDOWS\system32\°ĆŹ{­
2017-02-18 21:38:39 ----D---- C:\WINDOWS\system32\đÉo
2017-02-18 20:55:54 ----D---- C:\WINDOWS\system32\Đ­ŻŮ=
2017-02-18 20:42:51 ----D---- C:\WINDOWS\system32\€ą×Ů=
2017-02-18 20:42:51 ----D---- C:\WINDOWS\system32\ ÇŻŮ=
2017-02-18 20:37:00 ----D---- C:\WINDOWS\system32\pËGDŕ
2017-02-18 20:37:00 ----D---- C:\WINDOWS\system32\€ąWDŕ
2017-02-18 20:27:58 ----D---- C:\WINDOWS\system32\0Ę—ÉZ
2017-02-18 13:42:38 ----D---- C:\WINDOWS\system32\ŔÄÇ$ĺ
2017-02-18 12:55:13 ----D---- C:\WINDOWS\system32\°ÉÇĎ±
2017-02-18 12:55:13 ----D---- C:\WINDOWS\system32\@°§Ď±
2017-02-18 12:49:46 ----D---- C:\WINDOWS\system32\ŔÉ˙źž
2017-02-18 12:49:46 ----D---- C:\WINDOWS\system32\€¸' ž
2017-02-18 12:39:05 ----D---- C:\WINDOWS\system32\0Čg‚(
2017-02-18 12:39:05 ----D---- C:\WINDOWS\system32\ ¸‡‚(
2017-02-18 11:55:18 ----D---- C:\WINDOWS\system32\ŕÉçsô
2017-02-18 11:55:18 ----D---- C:\WINDOWS\system32\ŕ°×sô
2017-02-18 11:52:21 ----D---- C:\WINDOWS\system32\PĘ‡QŮ
2017-02-18 07:45:54 ----D---- C:\WINDOWS\system32\Ę'Ă›
2017-02-18 07:32:24 ----D---- C:\WINDOWS\system32\ ČOË›
2017-02-18 00:00:43 ----D---- C:\WINDOWS\system32\płź§)
2017-02-18 00:00:43 ----D---- C:\WINDOWS\system32\`Ę§)
2017-02-17 17:19:28 ----D---- C:\WINDOWS\system32\Ĺ‡â]
2017-02-17 15:41:31 ----D---- C:\WINDOWS\system32\ŕşď§!
2017-02-17 15:41:30 ----D---- C:\WINDOWS\system32\`Ĺç§!
2017-02-17 15:10:21 ----D---- C:\WINDOWS\system32\pşď ˙
2017-02-17 15:10:21 ----D---- C:\WINDOWS\system32\`Äç ˙
2017-02-17 14:16:09 ----D---- C:\WINDOWS\system32\`¬Ç@Ő
2017-02-17 14:11:08 ----D---- C:\WINDOWS\system32\°ĆĎ@Ő
2017-02-17 14:11:08 ----D---- C:\WINDOWS\system32\°¶÷@Ő
2017-02-17 11:49:30 ----D---- C:\WINDOWS\system32\ŕłOź+
2017-02-17 11:49:30 ----D---- C:\WINDOWS\system32\°Č'ź+
2017-02-17 10:56:52 ----D---- C:\WINDOWS\system32\µŹt™
2017-02-17 10:56:52 ----D---- C:\WINDOWS\system32\@Ćot™
2017-02-17 08:22:13 ----D---- C:\WINDOWS\system32\`Ćg’C
2017-02-17 07:40:36 ----D---- C:\WINDOWS\system32\ ±OĎ­
2017-02-17 07:27:33 ----D---- C:\WINDOWS\system32\É_Ď­
2017-02-17 06:55:28 ----D---- C:\WINDOWS\system32\Đ«o¤g
2017-02-17 06:55:28 ----D---- C:\WINDOWS\system32\@É¤g
2017-02-17 06:52:38 ----D---- C:\WINDOWS\system32\ ËßŽ«
2017-02-16 20:55:25 ----D---- C:\WINDOWS\system32\`ÇÇúč
2017-02-16 20:37:24 ----D---- C:\WINDOWS\system32\ ĆÇ»!
2017-02-16 20:23:09 ----D---- C:\WINDOWS\system32\ŔĹ‡ľÎ
2017-02-16 07:41:32 ----D---- C:\WINDOWS\system32\ ®˙łá
2017-02-16 07:28:31 ----D---- C:\WINDOWS\system32\Ę'´á
2017-02-16 07:28:31 ----D---- C:\WINDOWS\system32\`ş
2017-02-16 06:51:06 ----D---- C:\WINDOWS\system32\ŕł÷˛X
2017-02-16 06:36:12 ----D---- C:\WINDOWS\system32\đĘo•˘
2017-02-16 06:36:12 ----D---- C:\WINDOWS\system32\`ł—•˘
2017-02-16 06:31:02 ----D---- C:\WINDOWS\system32\pČźˇ]
2017-02-15 15:38:51 ----D---- C:\WINDOWS\system32\Ŕ­ßß
2017-02-15 15:38:50 ----D---- C:\WINDOWS\system32\ Ę÷ß
2017-02-15 03:14:12 ----D---- C:\WINDOWS\system32\ŕÇ÷ěL
2017-02-14 19:45:44 ----D---- C:\WINDOWS\system32\ŔÉ‡ÎÝ
2017-02-14 19:45:44 ----D---- C:\WINDOWS\system32\şźÎÝ
2017-02-14 15:15:09 ----D---- C:\WINDOWS\system32\€¬źý$
2017-02-14 15:14:27 ----D---- C:\WINDOWS\system32\ĐĹźý$
2017-02-14 15:14:27 ----D---- C:\WINDOWS\system32\đ´·ý$
2017-02-14 14:36:09 ----D---- C:\WINDOWS\system32\PČ˙]7
2017-02-13 19:07:16 ----D---- C:\WINDOWS\system32\@¶'Ů
2017-02-13 17:53:03 ----D---- C:\WINDOWS\system32\€«7¨Ú
2017-02-13 17:48:03 ----D---- C:\WINDOWS\system32\ŕł_¨Ú
2017-02-13 17:22:33 ----D---- C:\WINDOWS\system32\`ĘGĺă
2017-02-13 02:21:50 ----D---- C:\WINDOWS\system32\0ÄÇuŽ
2017-02-12 20:09:47 ----D---- C:\WINDOWS\system32\0Ć×;ŕ
2017-02-12 20:09:47 ----D---- C:\WINDOWS\system32\ ®Ď;ŕ
2017-02-12 19:03:46 ----D---- C:\Users\nimrod\AppData\Roaming\Blender Foundation
2017-02-12 18:49:32 ----D---- C:\Program Files\Blender Foundation
2017-02-12 13:54:11 ----D---- C:\WINDOWS\system32\`¸ßó`
2017-02-12 13:54:10 ----D---- C:\WINDOWS\system32\`ĆŻó`
2017-02-11 20:15:28 ----D---- C:\WINDOWS\system32\°ÇoĎG
2017-02-11 13:56:10 ----D---- C:\WINDOWS\system32\đ«Ď–
2017-02-11 13:31:50 ----D---- C:\WINDOWS\system32\ ĆÇÔŰ
2017-02-11 03:31:00 ----D---- C:\WINDOWS\system32\@Čßśk
2017-02-10 16:53:44 ----D---- C:\WINDOWS\system32\PČGČí
2017-02-10 16:53:44 ----D---- C:\WINDOWS\system32\ °'Čí
2017-02-10 02:15:58 ----D---- C:\WINDOWS\system32\PĆ
2017-02-09 23:04:08 ----D---- C:\WINDOWS\system32\É§Î
2017-02-09 23:04:08 ----D---- C:\WINDOWS\system32\°Ş‡Î
2017-02-09 02:55:22 ----D---- C:\WINDOWS\system32\ ÇĎá‹
2017-02-08 20:51:55 ----D---- C:\WINDOWS\system32\€­7ÍK
2017-02-08 20:46:54 ----D---- C:\WINDOWS\system32\ĐĆ7ÍK
2017-02-08 12:55:49 ----D---- C:\WINDOWS\system32\ĐŻ·
2017-02-08 12:53:24 ----D---- C:\WINDOWS\system32\ ąß
2017-02-08 12:53:23 ----D---- C:\WINDOWS\system32\ É·
2017-02-08 02:09:57 ----D---- C:\WINDOWS\system32\ĐËG…Š
2017-02-07 18:29:40 ----D---- C:\WINDOWS\system32\ ¸'¬r
2017-02-07 16:54:37 ----D---- C:\WINDOWS\system32\˙˙˙˙˙˙˙˙ruiŕű
2017-02-06 23:02:46 ----D---- C:\WINDOWS\system32\PČ÷
2017-02-05 23:00:19 ----D---- C:\WINDOWS\system32\€Ëďž-
2017-02-05 20:53:58 ----D---- C:\WINDOWS\system32\ŕÇ˙”Ű
2017-02-05 15:11:46 ----D---- C:\WINDOWS\system32\°Č_=E
2017-02-05 02:47:39 ----D---- C:\WINDOWS\system32\`ËŻ!÷
2017-02-04 20:59:24 ----D---- C:\Program Files (x86)\CUE Sheet Generator
2017-02-04 18:44:26 ----D---- C:\WINDOWS\system32\0·gŇf
2017-02-04 14:53:25 ----D---- C:\WINDOWS\system32\¬żŢ˝
2017-02-04 14:48:25 ----D---- C:\WINDOWS\system32\ŕĹżŢ˝
2017-02-04 14:48:25 ----D---- C:\WINDOWS\system32\ ´ÇŢ˝
2017-02-04 00:28:41 ----D---- C:\WINDOWS\system32\°Ë·›!
2017-02-03 17:24:18 ----D---- C:\WINDOWS\system32\ĐĘ'zJ
2017-02-02 16:41:44 ----D---- C:\WINDOWS\system32\p°‡©ü
2017-02-02 02:32:31 ----D---- C:\WINDOWS\system32\PĹ'S
2017-02-01 19:15:58 ----D---- C:\WINDOWS\system32\`¬×Ěě
2017-02-01 19:11:00 ----D---- C:\WINDOWS\system32\°Ĺ×Ěě
2017-02-01 19:11:00 ----D---- C:\WINDOWS\system32\ ą÷Ěě
2017-02-01 18:49:56 ----D---- C:\Users\nimrod\AppData\Roaming\java
2017-02-01 15:00:20 ----D---- C:\WINDOWS\system32\đ®Wwň
2017-02-01 15:00:20 ----D---- C:\WINDOWS\system32\Ĺ_wň
2017-02-01 12:54:01 ----D---- C:\WINDOWS\system32\`Ë—ýč
2017-02-01 01:47:36 ----D---- C:\WINDOWS\system32\ŔË×`,
2017-01-31 16:47:31 ----D---- C:\Users\nimrod\AppData\Roaming\Sun
2017-01-31 16:46:55 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-01-31 16:46:21 ----D---- C:\ProgramData\Oracle
2017-01-31 16:24:42 ----D---- C:\Users\nimrod\AppData\Roaming\.minecraft
2017-01-31 14:21:14 ----D---- C:\WINDOWS\system32\`Ćź#×
2017-01-30 19:31:41 ----D---- C:\WINDOWS\system32\`¶Ou
2017-01-30 17:17:17 ----D---- C:\WINDOWS\system32\°Ä7rś
2017-01-28 14:46:03 ----D---- C:\WINDOWS\system32\ŔČO,Ú
2017-01-28 14:46:03 ----D---- C:\WINDOWS\system32\p°W,Ú
2017-01-28 14:29:53 ----D---- C:\WINDOWS\system32\pÄÚÂ
2017-01-28 01:15:27 ----D---- C:\WINDOWS\system32\ĐÉĎ……
2017-01-27 14:32:03 ----D---- C:\WINDOWS\system32\ŕĆ·7˙
2017-01-27 14:32:03 ----D---- C:\WINDOWS\system32\0®Ç7˙
2017-01-27 14:15:11 ----D---- C:\WINDOWS\system32\ Čwqn
2017-01-26 22:50:41 ----D---- C:\WINDOWS\system32\0®‡M]
2017-01-26 22:45:43 ----D---- C:\WINDOWS\system32\°´·M]
2017-01-26 15:02:50 ----D---- C:\Users\nimrod\AppData\Roaming\GHISLER
2017-01-26 15:02:50 ----D---- C:\totalcmd
2017-01-26 14:49:29 ----D---- C:\WINDOWS\system32\°­WM2
2017-01-26 14:44:30 ----D---- C:\WINDOWS\system32\pÉOM2
2017-01-26 14:44:30 ----D---- C:\WINDOWS\system32\€şM2
2017-01-26 01:30:04 ----D---- C:\WINDOWS\system32\ ĘoÎ·
2017-01-25 22:34:45 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2017-01-25 22:34:45 ----A---- C:\WINDOWS\system32\poqexec.exe
2017-01-25 18:53:46 ----D---- C:\WINDOWS\system32\p·W~Š
2017-01-25 18:53:45 ----D---- C:\WINDOWS\system32\đĘG~Š
2017-01-25 13:24:45 ----D---- C:\WINDOWS\system32\p­§ăµ
2017-01-25 13:22:51 ----D---- C:\WINDOWS\system32\Ŕą×ăµ
2017-01-25 12:59:23 ----D---- C:\WINDOWS\system32\ŕĘ—hm
2017-01-25 00:29:56 ----D---- C:\Users\nimrod\AppData\Roaming\JetBrains
2017-01-24 12:41:42 ----D---- C:\WINDOWS\system32\Ćwśg
2017-01-24 01:39:15 ----D---- C:\WINDOWS\system32\@ÇŻť­
2017-01-23 21:10:26 ----D---- C:\WINDOWS\system32\ ČĎńU
2017-01-23 00:39:41 ----D---- C:\WINDOWS\system32\ ÉżQă
2017-01-22 20:11:45 ----D---- C:\WINDOWS\system32\€µŹVň
2017-01-22 20:11:45 ----D---- C:\WINDOWS\system32\`ĘwVň
2017-01-22 13:14:29 ----D---- C:\WINDOWS\system32\đ·
2017-01-21 23:24:35 ----D---- C:\WINDOWS\system32\ŔČ
2017-01-21 14:25:45 ----D---- C:\WINDOWS\system32\`ĘÇ5Ń
2017-01-19 13:39:55 ----D---- C:\WINDOWS\system32\pÇÇnX
2017-01-19 03:03:44 ----D---- C:\WINDOWS\system32\€ĆĎ!‚
2017-01-18 23:52:34 ----D---- C:\Program Files (x86)\Steam
2017-01-18 22:38:39 ----D---- C:\WINDOWS\system32\ ĘŻă[
2017-01-18 22:27:50 ----D---- C:\WINDOWS\system32\`ËCÜ
2017-01-18 22:13:32 ----D---- C:\WINDOWS\system32\ĐşO˛Ó
2017-01-18 22:13:31 ----D---- C:\WINDOWS\system32\ŔËG˛Ó
2017-01-18 17:01:23 ----D---- C:\WINDOWS\system32\ĐŞ
2017-01-18 16:56:20 ----D---- C:\WINDOWS\system32\ Ä
2017-01-18 15:53:02 ----D---- C:\WINDOWS\system32\ĐĆ÷c
2017-01-17 14:34:42 ----D---- C:\WINDOWS\system32\pČgh¦
2017-01-17 02:13:31 ----D---- C:\WINDOWS\system32\@Ëço1
2017-01-16 17:19:59 ----D---- C:\Users\nimrod\AppData\Roaming\vlc
2017-01-16 16:45:18 ----D---- C:\WINDOWS\system32\`Ć'Úx
2017-01-16 13:51:21 ----D---- C:\WINDOWS\system32\Đ°7Ęe
2017-01-15 21:20:24 ----D---- C:\WINDOWS\system32\P¬Ż•S
2017-01-15 21:15:24 ----D---- C:\WINDOWS\system32\Đ·o•S
2017-01-15 21:15:24 ----D---- C:\WINDOWS\system32\°Ç'•S
2017-01-14 22:22:26 ----D---- C:\WINDOWS\system32\P¶Ď·J
2017-01-14 22:22:25 ----D---- C:\WINDOWS\system32\ĐĘ§·J
2017-01-14 20:33:08 ----A---- C:\WINDOWS\SYSWOW64\budfrogs.scr
2017-01-14 20:20:08 ----D---- C:\Users\nimrod\AppData\Roaming\IcoFX
2017-01-14 20:17:22 ----D---- C:\Program Files (x86)\AniFX 1.0
2017-01-14 20:17:13 ----D---- C:\Program Files (x86)\IcoFX 1.6
2017-01-14 18:32:01 ----D---- C:\WINDOWS\system32\ ±˙0–
2017-01-14 18:26:58 ----D---- C:\WINDOWS\system32\PÇ71–
2017-01-14 16:56:48 ----D---- C:\WINDOWS\system32\p˛OÝŢ
2017-01-14 16:56:48 ----D---- C:\WINDOWS\system32\`ĘgÝŢ
2017-01-14 15:22:29 ----D---- C:\Users\nimrod\AppData\Roaming\GitHub
2017-01-14 13:03:45 ----D---- C:\WINDOWS\system32\đşźöc
2017-01-14 13:03:45 ----D---- C:\WINDOWS\system32\ĐÉoöc
2017-01-14 12:13:08 ----D---- C:\WINDOWS\system32\€Ş‡!
2017-01-14 12:08:11 ----D---- C:\WINDOWS\system32\€ł
2017-01-14 12:08:10 ----D---- C:\WINDOWS\system32\0Ç˙†!
2017-01-13 15:16:22 ----D---- C:\WINDOWS\system32\°®ß.µ
2017-01-13 15:16:22 ----D---- C:\WINDOWS\system32\`Ë˙.µ
2017-01-13 13:41:43 ----D---- C:\WINDOWS\system32\0Ä;ć
2017-01-12 13:44:35 ----D---- C:\WINDOWS\system32\@Č‡×c
2017-01-12 00:58:42 ----D---- C:\WINDOWS\system32\ĐÉ
2017-01-11 22:20:34 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-01-11 22:20:34 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-01-11 22:20:34 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-01-11 22:20:34 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-01-11 22:20:31 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-01-11 22:20:26 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-01-11 22:20:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2017-01-11 22:20:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2017-01-11 22:20:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 22:20:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2017-01-11 22:20:25 ----A---- C:\WINDOWS\system32\D3D12.dll
2017-01-11 22:20:24 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-01-11 22:20:24 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-01-11 22:20:24 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-01-11 22:20:22 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-01-11 22:20:21 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2017-01-11 22:20:16 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-01-11 22:20:16 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-01-11 22:20:16 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-01-11 22:20:15 ----A---- C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 22:20:14 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2017-01-11 22:20:14 ----A---- C:\WINDOWS\system32\wow64.dll
2017-01-11 22:20:14 ----A---- C:\WINDOWS\system32\WinSCard.dll
2017-01-11 22:20:14 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-01-11 22:20:13 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2017-01-11 22:20:13 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 22:20:12 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2017-01-11 22:19:37 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 22:19:37 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 22:19:36 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-01-11 22:19:35 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2017-01-11 22:19:34 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2017-01-11 22:19:34 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-01-11 22:19:33 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 22:19:32 ----A---- C:\WINDOWS\system32\win32k.sys
2017-01-11 22:19:31 ----A---- C:\WINDOWS\system32\SRH.dll
2017-01-11 22:19:30 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 22:19:29 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-01-11 22:19:29 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-01-11 22:19:29 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-01-11 22:19:29 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 22:19:29 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-01-11 22:19:29 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 22:19:29 ----A---- C:\WINDOWS\system32\aclui.dll
2017-01-11 22:19:28 ----A---- C:\WINDOWS\system32\ClipUp.exe
2017-01-11 22:19:27 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 22:19:27 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 22:19:27 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 22:19:26 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 22:19:25 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 22:19:25 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 22:19:24 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 22:19:24 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-01-11 22:19:23 ----A---- C:\WINDOWS\system32\cloudAP.dll
2017-01-11 22:19:22 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 22:19:22 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 22:19:20 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-01-11 22:19:20 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-01-11 22:18:57 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-01-11 22:18:55 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 22:18:54 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-01-11 22:18:52 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-01-11 22:18:52 ----A---- C:\WINDOWS\SYSWOW64\DXCpl.exe
2017-01-11 22:18:52 ----A---- C:\WINDOWS\system32\DXCpl.exe
2017-01-11 22:18:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 22:18:51 ----A---- C:\WINDOWS\system32\provengine.dll
2017-01-11 22:18:50 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2017-01-11 22:18:50 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 22:18:50 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 22:18:50 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:02:27 ----D---- C:\WINDOWS\system32\Đ±
2017-01-11 14:26:49 ----D---- C:\WINDOWS\system32\ĐĆŹűe
2017-01-11 14:26:49 ----D---- C:\WINDOWS\system32\đ«Wűe
2017-01-11 13:15:12 ----D---- C:\WINDOWS\system32\ĐĆGâÄ
2017-01-10 15:46:18 ----D---- C:\WINDOWS\system32\p±ÇÝÇ
2017-01-10 15:31:20 ----D---- C:\WINDOWS\system32\đ·'Ýx
2017-01-10 13:29:57 ----D---- C:\WINDOWS\system32\ «7ź©
2017-01-10 13:13:47 ----D---- C:\WINDOWS\system32\ĐşöÎ
2017-01-10 11:04:24 ----D---- C:\WINDOWS\system32\pÉżY
2017-01-10 11:04:24 ----D---- C:\WINDOWS\system32\đŞ§Y
2017-01-09 15:25:25 ----D---- C:\WINDOWS\system32\PÄ—ŰŃ
2017-01-09 15:25:25 ----D---- C:\WINDOWS\system32\ ´ĎŰŃ
2017-01-09 13:32:22 ----D---- C:\WINDOWS\system32\@Żç'A
2017-01-09 08:08:43 ----D---- C:\WINDOWS\system32\ŕÇ7˛ü
2017-01-08 22:50:11 ----D---- C:\WINDOWS\system32\0ĘWcT
2017-01-08 18:03:58 ----D---- C:\WINDOWS\system32\ şGŽň
2017-01-08 17:46:37 ----A---- C:\WINDOWS\SYSWOW64\rlls.dll
2017-01-08 17:46:37 ----A---- C:\WINDOWS\system32\rlls64.dll
2017-01-08 17:02:03 ----D---- C:\Users\nimrod\AppData\Roaming\Free Media Converter
2017-01-08 16:34:18 ----D---- C:\WINDOWS\system32\ĐŻ'4¦
2017-01-08 16:29:20 ----D---- C:\WINDOWS\system32\ŔÇ74¦
2017-01-08 16:29:20 ----D---- C:\WINDOWS\system32\pµ_4¦
2017-01-08 13:20:23 ----D---- C:\WINDOWS\system32\€¬WĄ
2017-01-08 11:53:40 ----D---- C:\WINDOWS\system32\@®'Qa
2017-01-08 11:08:45 ----D---- C:\WINDOWS\system32\`Ĺçt™
2017-01-07 16:12:46 ----D---- C:\WINDOWS\system32\đĹÇMä
2017-01-07 16:12:46 ----D---- C:\WINDOWS\system32\@®ßMä
2017-01-07 15:34:48 ----D---- C:\WINDOWS\system32\ ¬_Eó
2017-01-07 15:34:47 ----D---- C:\WINDOWS\system32\ŔÇwEó
2017-01-07 13:18:25 ----D---- C:\WINDOWS\system32\0®÷+T
2017-01-07 08:53:55 ----D---- C:\WINDOWS\system32\@®·dř
2017-01-07 08:53:54 ----D---- C:\WINDOWS\system32\ ĘŻdř
2017-01-07 00:48:54 ----D---- C:\WINDOWS\system32\pĆwXă
2017-01-07 00:09:10 ----D---- C:\WINDOWS\system32\PĆĎwµ
2017-01-07 00:09:10 ----D---- C:\WINDOWS\system32\ ¬·wµ
2017-01-06 14:15:43 ----D---- C:\WINDOWS\system32\ ®Ç
2017-01-06 14:15:41 ----D---- C:\WINDOWS\system32\ŕÉż
2017-01-06 14:03:17 ----D---- C:\WINDOWS\system32\P¬_rë
2017-01-06 12:57:55 ----D---- C:\WINDOWS\system32\ŕĆçOM
2017-01-06 00:09:33 ----D---- C:\WINDOWS\system32\0ÇOí
2017-01-04 20:33:37 ----D---- C:\WINDOWS\system32\@°'Ú•
2017-01-04 18:47:56 ----D---- C:\WINDOWS\system32\ĐË
2017-01-04 16:55:43 ----D---- C:\WINDOWS\system32\ĐŻG#Ó
2017-01-04 16:55:43 ----D---- C:\WINDOWS\system32\`Ë
2017-01-04 16:02:19 ----D---- C:\WINDOWS\system32\ ° I
2017-01-04 14:57:08 ----D---- C:\WINDOWS\system32\@±w„&
2017-01-04 14:57:07 ----D---- C:\WINDOWS\system32\€ÇŹ„&
2017-01-02 08:09:16 ----D---- C:\WINDOWS\system32\@Čgő…
2017-01-01 21:09:04 ----D---- C:\WINDOWS\system32\°Ç_
2017-01-01 16:31:38 ----D---- C:\WINDOWS\system32\ĐČos`
2017-01-01 14:45:21 ----D---- C:\WINDOWS\system32\P«'u
2017-01-01 14:40:20 ----D---- C:\WINDOWS\system32\Đ·_u
2017-01-01 14:40:19 ----D---- C:\WINDOWS\system32\pË
2017-01-01 14:01:30 ----D---- C:\WINDOWS\system32\ŔşO l
2017-01-01 14:01:30 ----D---- C:\WINDOWS\system32\@Č' l
2017-01-01 12:55:18 ----D---- C:\WINDOWS\system32\ŕ®'7'
2016-12-31 21:12:23 ----D---- C:\WINDOWS\system32\0ĆgĎŞ
2016-12-31 15:02:56 ----D---- C:\WINDOWS\system32\`®Ż¤G
2016-12-31 10:17:41 ----D---- C:\WINDOWS\system32\0Ĺ'¤¶
2016-12-31 10:17:41 ----D---- C:\WINDOWS\system32\`«
2016-12-31 09:51:03 ----D---- C:\WINDOWS\system32\`ĆWŤl
2016-12-30 23:33:10 ----D---- C:\WINDOWS\system32\Ęźů~
2016-12-30 13:32:53 ----D---- C:\WINDOWS\system32\Ŕ¶
2016-12-30 12:24:47 ----D---- C:\WINDOWS\system32\đ·G’
2016-12-30 08:39:49 ----D---- C:\WINDOWS\system32\ŕ®żéŮ
2016-12-30 08:28:44 ----D---- C:\WINDOWS\system32\PĘĎéŮ
2016-12-30 08:28:44 ----D---- C:\WINDOWS\system32\ ą˙éŮ
2016-12-29 18:41:30 ----D---- C:\WINDOWS\system32\pµß=Č
2016-12-29 18:41:30 ----D---- C:\WINDOWS\system32\ĹŻ=Č
2016-12-29 13:42:39 ----D---- C:\WINDOWS\system32\°ŻWĄ
2016-12-29 13:42:39 ----D---- C:\WINDOWS\system32\`ÇgĄ
2016-12-29 11:44:50 ----D---- C:\WINDOWS\system32\ŔÄ'pí
2016-12-29 11:44:50 ----D---- C:\WINDOWS\system32\`´_pí
2016-12-29 11:26:31 ----D---- C:\WINDOWS\system32\ŕĆŻďĎ
2016-12-29 08:07:32 ----D---- C:\WINDOWS\system32\@Ë×ąô
2016-12-29 07:56:43 ----D---- C:\WINDOWS\system32\Ŕ´żNa
2016-12-29 07:18:55 ----D---- C:\WINDOWS\system32\°¸O,[
2016-12-29 07:18:54 ----D---- C:\WINDOWS\system32\`Ę
2016-12-29 06:55:09 ----D---- C:\WINDOWS\system32\ĐĘ˙N}
2016-12-29 06:51:59 ----D---- C:\WINDOWS\system32\€Ĺďh0
2016-12-28 21:14:01 ----D---- C:\WINDOWS\system32\PĘo˝ř
2016-12-28 19:06:36 ----D---- C:\WINDOWS\system32\0±
2016-12-28 17:52:57 ----D---- C:\WINDOWS\system32\đµĎ±„
2016-12-28 17:52:57 ----D---- C:\WINDOWS\system32\°ĹŻ±„
2016-12-28 13:18:13 ----D---- C:\WINDOWS\system32\ŔË—Xű
2016-12-28 13:18:13 ----D---- C:\WINDOWS\system32\@°§Xű
2016-12-28 10:33:15 ----D---- C:\WINDOWS\system32\€«ÇÓ{
2016-12-28 10:28:13 ----D---- C:\WINDOWS\system32\đÉĎÓ{
2016-12-28 10:28:13 ----D---- C:\WINDOWS\system32\€ą˙Ó{
2016-12-28 08:24:34 ----D---- C:\WINDOWS\system32\pŻWđí
2016-12-28 08:24:34 ----D---- C:\WINDOWS\system32\`ĆOđí
2016-12-28 06:52:21 ----D---- C:\WINDOWS\system32\ŔĹ§•ţ

======List of files/folders modified in the last 3 months======

2017-03-27 12:44:23 ----RD---- C:\Program Files
2017-03-27 12:44:21 ----D---- C:\WINDOWS\Temp
2017-03-27 12:44:20 ----D---- C:\WINDOWS\Prefetch
2017-03-27 12:39:46 ----D---- C:\ProgramData\MFAData
2017-03-27 12:38:22 ----D---- C:\WINDOWS\system32\sru
2017-03-27 12:35:28 ----D---- C:\WINDOWS\System32
2017-03-26 19:29:40 ----D---- C:\WINDOWS\system32\SleepStudy
2017-03-26 17:25:38 ----D---- C:\Users\nimrod\AppData\Roaming\inkscape
2017-03-26 13:04:44 ----D---- C:\WINDOWS\AppReadiness
2017-03-26 11:34:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-26 11:26:14 ----D---- C:\Windows
2017-03-26 10:54:00 ----D---- C:\WINDOWS\system32\NDF
2017-03-26 09:32:17 ----HD---- C:\Program Files\WindowsApps
2017-03-26 09:11:24 ----D---- C:\WINDOWS\system32\config
2017-03-26 09:11:08 ----RD---- C:\WINDOWS\Microsoft.NET
2017-03-24 20:26:27 ----D---- C:\Program Files (x86)\Dropbox
2017-03-24 20:24:46 ----D---- C:\WINDOWS\system32\drivers
2017-03-22 21:30:14 ----SHD---- C:\System Volume Information
2017-03-22 21:03:45 ----D---- C:\Users\nimrod\AppData\Roaming\Audacity
2017-03-21 14:33:37 ----SHD---- C:\WINDOWS\Installer
2017-03-19 14:09:22 ----D---- C:\WINDOWS\INF
2017-03-19 12:56:11 ----D---- C:\WINDOWS\rescache
2017-03-19 09:56:10 ----D---- C:\WINDOWS\debug
2017-03-19 09:13:14 ----D---- C:\WINDOWS\system32\catroot2
2017-03-18 18:09:41 ----D---- C:\Users\nimrod\AppData\Roaming\uTorrent
2017-03-17 21:50:56 ----D---- C:\WINDOWS\system32\DriverStore
2017-03-17 21:50:52 ----D---- C:\WINDOWS\WinSxS
2017-03-17 21:03:05 ----RD---- C:\WINDOWS\assembly
2017-03-17 19:40:10 ----RD---- C:\Program Files (x86)
2017-03-17 17:07:26 ----D---- C:\WINDOWS\CbsTemp
2017-03-17 17:07:19 ----D---- C:\WINDOWS\system32\appraiser
2017-03-17 10:17:29 ----AD---- C:\Program Files\Microsoft Silverlight
2017-03-17 10:17:28 ----AD---- C:\Program Files (x86)\Microsoft Silverlight
2017-03-17 10:13:06 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2017-03-17 10:13:06 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-03-17 10:13:06 ----D---- C:\WINDOWS\SYSWOW64\migration
2017-03-17 10:13:05 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-03-17 10:13:05 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-03-17 10:13:05 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-03-17 10:13:05 ----D---- C:\WINDOWS\SysWOW64
2017-03-17 10:12:21 ----D---- C:\WINDOWS\system32\wbem
2017-03-17 10:12:21 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-03-17 10:12:21 ----D---- C:\WINDOWS\system32\setup
2017-03-17 10:12:20 ----D---- C:\WINDOWS\system32\oobe
2017-03-17 10:12:19 ----D---- C:\WINDOWS\system32\migration
2017-03-17 10:12:18 ----SD---- C:\WINDOWS\system32\F12
2017-03-17 10:12:18 ----D---- C:\WINDOWS\system32\en-US
2017-03-17 10:12:18 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2017-03-17 10:12:17 ----D---- C:\WINDOWS\system32\cs-CZ
2017-03-17 10:12:17 ----D---- C:\WINDOWS\system32\Boot
2017-03-17 10:11:17 ----D---- C:\WINDOWS\ShellExperiences
2017-03-17 10:11:12 ----RD---- C:\WINDOWS\PrintDialog
2017-03-17 10:11:07 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-03-17 10:11:06 ----D---- C:\WINDOWS\bcastdvr
2017-03-17 10:11:05 ----D---- C:\WINDOWS\AppPatch
2017-03-17 10:11:04 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-03-17 10:11:01 ----D---- C:\Program Files (x86)\Windows Mail
2017-03-17 10:11:00 ----D---- C:\Program Files (x86)\Windows Defender
2017-03-17 10:11:00 ----D---- C:\Program Files (x86)\Internet Explorer
2017-03-17 10:10:59 ----D---- C:\Program Files\Windows Photo Viewer
2017-03-17 10:10:58 ----RD---- C:\Program Files\Windows Defender
2017-03-17 10:10:58 ----D---- C:\Program Files\Windows Mail
2017-03-17 10:10:57 ----D---- C:\Program Files\Internet Explorer
2017-03-16 22:37:03 ----D---- C:\ProgramData\Microsoft Help
2017-03-16 22:14:53 ----D---- C:\WINDOWS\system32\MRT
2017-03-16 21:57:58 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-03-15 20:50:48 ----HD---- C:\ProgramData
2017-03-15 20:50:19 ----D---- C:\Program Files\Common Files
2017-03-15 20:50:19 ----D---- C:\Program Files (x86)\Common Files
2017-03-15 20:50:10 ----DC---- C:\WINDOWS\system32\DRVSTORE
2017-03-15 20:26:29 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2017-03-15 20:11:41 ----RD---- C:\Users
2017-03-15 10:24:25 ----D---- C:\WINDOWS\system32\WDI
2017-03-14 00:31:57 ----A---- C:\WINDOWS\system32\LxRun.exe
2017-03-14 00:31:55 ----A---- C:\WINDOWS\system32\bash.exe
2017-03-10 07:17:56 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-03-08 14:49:42 ----D---- C:\WINDOWS\system32\Tasks
2017-03-08 14:43:19 ----D---- C:\WINDOWS\system32\CatRoot
2017-03-08 14:38:25 ----AD---- C:\Program Files\AMD
2017-03-08 14:29:38 ----D---- C:\Program Files (x86)\VulkanRT
2017-03-08 11:50:47 ----D---- C:\WINDOWS\Tasks
2017-03-06 20:13:50 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2017-03-04 09:09:22 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2017-03-02 18:36:53 ----D---- C:\Games
2017-03-01 11:49:48 ----D---- C:\WINDOWS\system32\@Ĺ
2017-02-24 10:35:32 ----D---- C:\WINDOWS\system32\đĘ
2017-02-21 10:29:16 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2017-02-19 11:46:03 ----D---- C:\GameDev
2017-02-06 00:20:44 ----D---- C:\WINDOWS\SoftwareDistribution
2017-02-04 15:02:59 ----D---- C:\Users\nimrod\AppData\Roaming\avidemux
2017-01-31 16:46:15 ----D---- C:\Program Files (x86)\Java
2017-01-28 00:50:12 ----D---- C:\Program Files (x86)\Google
2017-01-26 12:51:03 ----SD---- C:\Users\nimrod\AppData\Roaming\Microsoft
2017-01-25 00:02:17 ----D---- C:\Program Files\Android
2017-01-24 23:33:03 ----D---- C:\ProgramData\Package Cache
2017-01-24 23:29:15 ----AD---- C:\Program Files (x86)\MSBuild
2017-01-16 21:42:25 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-01-16 21:42:17 ----D---- C:\WINDOWS\Provisioning
2017-01-16 17:18:41 ----D---- C:\Program Files\VideoLAN
2017-01-12 00:51:08 ----A---- C:\WINDOWS\win.ini
2016-12-29 16:06:03 ----D---- C:\Users\nimrod\AppData\Roaming\Notepad++
2016-12-29 16:06:02 ----D---- C:\Program Files\Notepad++

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem45.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2017-03-06 87576]
R0 amdpsp;@oem32.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [2016-08-23 254864]
R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2016-10-05 267008]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2016-09-26 254208]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2016-06-01 52992]
R0 Avguniva;AVG Universal Driver; C:\WINDOWS\system32\DRIVERS\avguniva.sys [2016-06-20 77056]
R0 BTATH_BUS;@oem15.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 lxss;@%SystemRoot%\system32\drivers\lxss.sys,-100; C:\WINDOWS\system32\drivers\lxss.sys [2017-03-14 15712]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2016-05-13 163072]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2017-02-20 313088]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2016-11-30 298240]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2016-08-04 313096]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0311795.inf_amd64_24774320b803c7ec\atikmdag.sys [2017-03-06 32703000]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0311795.inf_amd64_24774320b803c7ec\atikmpag.sys [2017-03-06 525848]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-07-16 4233728]
R3 AtiHDAudioService;@oem43.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-12-08 101376]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-30 84992]
R3 dtlitescsibus;@oem41.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-03-05 30264]
R3 dtliteusbbus;@oem42.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-03-05 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-25 3903320]
R3 LMDriver;@oem18.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 RadioShim;@oem18.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 rt640x64;@oem13.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-22 886528]
R3 RTSPER;@oem9.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-24 761600]
R3 SensorsSimulatorDriver;@oem26.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2016-07-16 216064]
R3 SynRMIHID;@oem6.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [2014-02-19 42224]
S0 amdkmafd;@oem27.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2016-08-18 49448]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2016-01-07 21632]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 amdkmcsp;@oem32.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [2016-08-23 100752]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dbx;dbx; C:\WINDOWS\system32\DRIVERS\dbx.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-30 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-12-02 192216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 scvad_simple;@oem34.inf,%scvad_simple.SvcDesc%;SplitCam Virtual Microphone (WDM); C:\WINDOWS\system32\drivers\SplitCamAudio.sys [2016-08-02 23552]
S3 splitcam_hd_driver;@oem33.inf,%splitcam_hd_driver.DeviceDesc%;SplitCam Virtual Video Driver; C:\WINDOWS\system32\DRIVERS\splitcam_hd_driver.sys [2016-08-02 37600]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2016-12-01 25608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-03-06 299544]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2017-02-22 5334432]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-12-06 1146128]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2017-02-22 729048]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CDPUserSvc_cd922c;CDPUserSvc_cd922c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2017-03-11 46408]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2015-02-05 22744]
R2 OneSyncSvc_cd922c;Hostitel synchronizace_cd922c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2016-04-30 131776]
R2 tbaseprovisioning;tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [2016-08-23 51224]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 SshBroker;@%SystemRoot%\system32\SshBroker.dll,-3; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 SshProxy;@%SystemRoot%\system32\SshProxy.dll,-3; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-17 143144]
S2 debugregsvc;debugregsvc; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2017-02-22 1002552]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-17 143144]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DeveloperToolsService;Developer Tools Service; C:\WINDOWS\System32\DeveloperToolsSvc.exe [2016-07-15 104448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [2014-02-20 142336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-23 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 LxssManager;@%systemroot%\system32\lxss\LxssManager.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_cd922c;Služba zasílání zpráv_cd922c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_cd922c;Data kontaktů_cd922c; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-04 1312768]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-19 1464096]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-08-22 119808]
S4 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2016-07-14 2267352]
S4 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-06-12 2573032]
S4 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-12-22 349728]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-12-22 209952]
S4 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-06-10 466664]
S4 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-08-09 32528]
S4 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-06-26 458984]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------
