pomaly ntb

[d.a.p]

Logfile of random's system information tool 1.16 (written by random/random)
Run by Zuzanka at 2018-05-06 12:45:17
Microsoft Windows 10 Home
System drive C: has 633 GB (67%) free of 939 GB
Total RAM: 4006 MB (45% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:45:29, on 06.05.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal

Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files\trend micro\Zuzanka_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell15.msn.com/?pc=DCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell15.msn.com/?pc=DCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Zuzanka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Zuzanka\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [XperiaCompanionAgent] "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem20.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: IntelUSBoverIP - Intel - C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Product Registration - Dell - C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Služba Xperia Companion (XperiaCompanionService) - Sony - C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13097 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
C:\WINDOWS\system32\WLANExt.exe 2184568087536
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
c:\windows\system32\svchost.exe -k networkservice -s TermService
C:\WINDOWS\system32\ibtsiva.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Dell Customer Connect\DCCService.exe"
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Dell Update\DellUpService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Dell\Dell Product Registration\PRSvc.exe"
"C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
C:\WINDOWS\system32\AUDIODG.EXE 0x494
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Windows\System32\TiltWheelMouse.exe"
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{7E55A26D-EF95-4A45-9F55-21E52ADF9887}
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Zuzanka\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Zuzanka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Zuzanka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.139 --initial-client-data=0x94,0x9c,0x1f4,0xa0,0x1f8,0x7ffd31d43218,0x7ffd31d43228,0x7ffd31d43238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5568 --on-initialized-event-handle=648 --parent-handle=652 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1440,5188683029615230102,7215858736253361644,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=09FECBD8AA6AD9667354A3169DB7229A --mojo-platform-channel-handle=1504 --ignored=" --type=renderer " /prefetch:2
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1440,5188683029615230102,7215858736253361644,131072 --service-pipe-token=D4A3C365BEF3462A962F8F9D6C3C00A6 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D4A3C365BEF3462A962F8F9D6C3C00A6 --renderer-client-id=10 --mojo-platform-channel-handle=796 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe43_ Global\UsGthrCtrlFltPipeMssGthrPipe43 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Zuzanka\Desktop\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe -check plugin
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CLMLSvc_P2G8 - C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
C:\WINDOWS\system32\tasks\CLVDLauncher - C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe
C:\WINDOWS\system32\tasks\Dell SupportAssistAgent AutoUpdate - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe AutoUpdate
C:\WINDOWS\system32\tasks\DropboxOEM - "%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe" auto
C:\WINDOWS\system32\tasks\DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\system32\tasks\DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec - "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
C:\WINDOWS\system32\tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon - "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
C:\WINDOWS\system32\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
C:\WINDOWS\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-3884737602-604897833-831748219-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\PCDDataUploadTask - "uaclauncher.exe" -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait
C:\WINDOWS\system32\tasks\PCDEventLauncherTask - "C:\Program Files\Dell\SupportAssist\sessionchecker.exe"
C:\WINDOWS\system32\tasks\PCDoctorBackgroundMonitorTask - "C:\Program Files\Dell\SupportAssist\uaclauncher.exe" -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\WINDOWS\system32\tasks\PCDoctorBackgroundMonitorTask-Retry - "C:\Program Files\Dell\SupportAssist\uaclauncher.exe" -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\WINDOWS\system32\tasks\RtHDVBg_PushButton - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\WINDOWS\system32\tasks\SystemToolsDailyTest - "uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WaaSMedic\PerformRemediation - %systemroot%\System32\WaaSMedic.exe None
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Driver Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates 2.0 - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload
C:\WINDOWS\system32\tasks\Intel\Intel Telemetry 2 - C:\Program Files\Intel\Telemetry 2.0\lrio.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Zuzanka\AppData\Roaming\Mozilla\Firefox\Profiles\vpbieei9.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.113 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 29.0.0.113 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Zuzanka\AppData\Roaming\Mozilla\Firefox\Profiles\vpbieei9.default\addons.json
Pinned GMail - extension - gmail_panel@alejandrobrizuela.com.ar
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Users\Zuzanka\AppData\Roaming\Mozilla\Firefox\Profiles\vpbieei9.default\extensions.json
Pinned GMail - webextension - gmail_panel@alejandrobrizuela.com.ar -
Adblock Plus - webextension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -
Pocket - extension - firefox@getpocket.com -
Web Compat - extension - webcompat@mozilla.org -
Application Update Service Helper - extension - aushelper@mozilla.org -
Firefox Screenshots - extension - screenshots@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Shield Recipe Client - extension - shield-recipe-client@mozilla.org -
Activity Stream - extension - activity-stream@mozilla.org -
Form Autofill - extension - formautofill@mozilla.org -
Photon onboarding - extension - onboarding@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -

C:\Users\Zuzanka\AppData\Roaming\Mozilla\Firefox\Profiles\vpbieei9.default\pluginreg.dat
Plugin - Shockwave Flash - 29.0.0.113 - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll

=========Google Chrome=========

C:\Users\Zuzanka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 0 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 0 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.6
Extension felcaaldnbdncclmgdcncolpebgiejap 0 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 2 Dokumenty Google offline 1.4
Extension hdgadgplbbdjlbjgdociahdlmbglfeen 0 Flash Control 0.2
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Homepage:
default_search_provider.search_url:
C:\Users\Zuzanka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={893966DC-873F-441D-913E-CE8B26A106F8}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{893966DC-873F-441D-913E-CE8B26A106F8}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCTE


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={893966DC-873F-441D-913E-CE8B26A106F8}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{893966DC-873F-441D-913E-CE8B26A106F8}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCTE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-28 207024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-04-28 3211432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-28 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-04-28 2201264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-05-04 9226752]
"RtHDVBg_MAXX6"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-05-04 1485312]
"MouseDriver"=TiltWheelMouse.exe []
"RtHDVBg_PushButton"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-05-04 1485312]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-05-04 1893312]
"WavesSvc"=C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [2017-01-26 723928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Zuzanka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-03-20 1559200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-04-12 18334528]
"uTorrent"=C:\Users\Zuzanka\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]
"XperiaCompanionAgent"=C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2016-12-22 2088832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-05-06 12:45:17 ----D---- C:\rsit
2018-05-06 12:45:17 ----D---- C:\Program Files\trend micro
2018-04-13 11:40:58 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-04-13 11:40:58 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-04-13 11:40:58 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-04-13 11:40:58 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2018-04-13 11:40:58 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2018-04-13 11:40:58 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2018-04-13 11:40:58 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2018-04-13 11:40:58 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2018-04-13 11:40:58 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-04-13 11:40:57 ----A---- C:\WINDOWS\SYSWOW64\wshhyperv.dll
2018-04-13 11:40:57 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2018-04-13 11:40:57 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2018-04-13 11:40:57 ----A---- C:\WINDOWS\system32\icsvcext.dll
2018-04-13 11:40:57 ----A---- C:\WINDOWS\system32\drivers\Synth3dVsc.sys
2018-04-13 11:40:57 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-04-13 11:40:57 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-04-13 11:40:57 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-04-13 11:40:56 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\system32\propsys.dll
2018-04-13 11:40:56 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\tzres.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\sysntfy.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\logoncli.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\keyiso.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\drivers\pcw.sys
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\ci.dll
2018-04-13 11:40:55 ----A---- C:\WINDOWS\system32\aepic.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\msvcp110_win.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\wkssvc.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\srvsvc.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\SensorService.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\nrpsrv.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\kerberos.dll
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2018-04-13 11:40:54 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\wups.dll
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\usocore.dll
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\drivers\winhv.sys
2018-04-13 11:40:53 ----A---- C:\WINDOWS\system32\drivers\vmgencounter.sys
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\mfksproxy.dll
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\drivers\gpuenergydrv.sys
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-04-13 11:40:50 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-04-13 11:40:48 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-04-13 11:40:48 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-04-13 11:40:48 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-04-13 11:40:48 ----A---- C:\WINDOWS\system32\dssvc.dll
2018-04-13 11:40:48 ----A---- C:\WINDOWS\system32\cdp.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\qmgr.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\InputService.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\FntCache.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\DWrite.dll
2018-04-13 11:40:47 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\rmclient.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\psmsrv.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\mscms.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\moshostcore.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\mos.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\MapsStore.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\MapRouter.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\IcsEntitlementHost.exe
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\icm32.dll
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-04-13 11:40:46 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\UserDataService.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\Unistore.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\NMAA.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\ncbservice.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\BingMaps.dll
2018-04-13 11:40:45 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-04-13 11:40:44 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-04-13 11:40:44 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-04-13 11:40:44 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-04-13 11:40:44 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-04-13 11:40:44 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-04-13 11:40:44 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-04-13 11:40:44 ----A---- C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
2018-04-13 11:40:44 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-04-13 11:40:43 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-04-13 11:40:41 ----A---- C:\WINDOWS\system32\httpprxm.dll
2018-04-13 11:40:41 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-04-13 11:40:41 ----A---- C:\WINDOWS\system32\adhsvc.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\WSDMon.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\tcpmon.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\puiobj.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\puiapi.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\newdev.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\drivers\rasacd.sys
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2018-04-13 11:40:40 ----A---- C:\WINDOWS\system32\compstui.dll
2018-04-13 11:40:39 ----A---- C:\WINDOWS\system32\usbmon.dll
2018-04-13 11:40:39 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-04-13 11:40:39 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\vpnike.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\shell32.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-04-13 11:40:38 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\WinSCard.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\twinui.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\taskcomp.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\scksp.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\ninput.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\drivers\beep.sys
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\certprop.dll
2018-04-13 11:40:37 ----A---- C:\WINDOWS\system32\basecsp.dll
2018-04-13 11:40:36 ----A---- C:\WINDOWS\system32\wudriver.dll
2018-04-13 11:40:36 ----A---- C:\WINDOWS\system32\wmiprop.dll
2018-04-13 11:40:36 ----A---- C:\WINDOWS\system32\VSSVC.exe
2018-04-13 11:40:36 ----A---- C:\WINDOWS\system32\SessEnv.dll
2018-04-13 11:40:36 ----A---- C:\WINDOWS\system32\drivers\bam.sys
2018-04-13 11:40:36 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-04-13 11:40:35 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-04-13 11:40:35 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-04-13 11:40:33 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2018-04-13 11:40:33 ----A---- C:\WINDOWS\system32\wow64.dll
2018-04-13 11:40:33 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-04-13 11:40:33 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-04-13 11:40:33 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-04-13 11:40:32 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-04-13 11:40:32 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-04-13 11:40:32 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-04-13 11:40:32 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2018-04-13 11:40:32 ----A---- C:\WINDOWS\system32\invagent.dll
2018-04-13 11:40:32 ----A---- C:\WINDOWS\system32\devinv.dll
2018-04-13 11:40:32 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-04-13 11:40:31 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-04-13 11:40:29 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-04-13 11:40:29 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\winresume.exe
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\ole32.dll
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\appidtel.exe
2018-04-13 11:40:28 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\sspicli.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\nsisvc.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\NetDriverInstall.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\hal.dll
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2018-04-13 11:40:27 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-04-13 11:40:26 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\winload.exe
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\drivers\null.sys
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\drivers\fs_rec.sys
2018-04-13 11:40:26 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\usermgr.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\TtlsExt.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\gpsvc.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\gpapi.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\fdWNet.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\fdPnp.dll
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-04-13 11:40:25 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\wininet.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\msrating.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\msIso.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\jsproxy.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\hlink.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\efssvc.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\efslsaext.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\drivers\lltdio.sys
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-04-13 11:40:24 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-04-13 11:40:23 ----A---- C:\WINDOWS\system32\wifitask.exe
2018-04-13 11:40:23 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2018-04-13 11:40:23 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2018-04-13 11:40:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-04-13 11:40:23 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-04-13 11:40:23 ----A---- C:\WINDOWS\system32\drivers\irda.sys
2018-04-13 11:40:23 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2018-04-13 11:40:23 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2018-04-13 11:40:22 ----A---- C:\WINDOWS\system32\wscsvc.dll
2018-04-13 11:40:22 ----A---- C:\WINDOWS\system32\wscapi.dll
2018-04-13 11:40:22 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-04-13 11:40:22 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-04-13 11:40:22 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2018-04-13 11:40:22 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2018-04-13 11:40:22 ----A---- C:\WINDOWS\system32\davclnt.dll
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\WebClnt.dll
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\TtlsCfg.dll
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\TtlsAuth.dll
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2018-04-13 11:40:21 ----A---- C:\WINDOWS\system32\localspl.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\wwapi.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\wwansvc.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\wlgpclnt.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\wlansec.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\wlanapi.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\wfdprov.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\dot3svc.dll
2018-04-13 11:40:20 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-04-13 11:40:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-04-13 11:40:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2018-04-13 11:40:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-04-13 11:40:19 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2018-04-13 11:40:19 ----A---- C:\WINDOWS\SYSWOW64\RTWorkQ.dll
2018-04-13 11:40:19 ----A---- C:\WINDOWS\SYSWOW64\PimIndexMaintenanceClient.dll
2018-04-13 11:40:19 ----A---- C:\WINDOWS\SYSWOW64\mfksproxy.dll
2018-04-13 11:40:19 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\mscms.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\MapRouter.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\icm32.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2018-04-13 11:40:18 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-04-13 11:40:17 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2018-04-13 11:40:17 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2018-04-13 11:40:16 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\perfhost.exe
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\fdWNet.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\fdPnp.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-04-13 11:40:15 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\wmiprop.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\compstui.dll
2018-04-13 11:40:14 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2018-04-13 11:40:13 ----A---- C:\WINDOWS\SYSWOW64\wsnmp32.dll
2018-04-13 11:40:13 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2018-04-13 11:40:13 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-04-13 11:40:11 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-04-13 11:40:09 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2018-04-13 11:40:09 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2018-04-13 11:40:09 ----A---- C:\WINDOWS\SYSWOW64\ninput.dll
2018-04-13 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\wwapi.dll
2018-04-13 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2018-04-13 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\TtlsCfg.dll
2018-04-13 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2018-04-13 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-04-13 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\SettingMonitor.dll
2018-04-13 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2018-04-13 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\wlgpclnt.dll
2018-04-13 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2018-04-13 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-04-13 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2018-04-13 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2018-04-13 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-04-13 11:40:06 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-04-13 11:40:05 ----A---- C:\WINDOWS\system32\drivers\vms3cap.sys
2018-04-13 11:40:05 ----A---- C:\WINDOWS\system32\drivers\VMBusHID.sys
2018-04-13 11:40:05 ----A---- C:\WINDOWS\system32\drivers\HyperVideo.sys
2018-04-13 11:40:05 ----A---- C:\WINDOWS\system32\drivers\hyperkbd.sys
2018-04-13 11:40:03 ----A---- C:\WINDOWS\system32\occache.dll
2018-04-13 11:40:03 ----A---- C:\WINDOWS\system32\licmgr10.dll
2018-04-13 11:40:03 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2018-04-13 11:40:03 ----A---- C:\WINDOWS\system32\iesetup.dll
2018-04-13 11:40:03 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-04-13 11:40:03 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\url.dll
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\inseng.dll
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\iesysprep.dll
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\iernonce.dll
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-04-13 11:40:02 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\wextract.exe
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\pngfilt.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\iexpress.exe
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-04-13 11:40:01 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-04-13 11:40:00 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-04-13 11:39:59 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-04-13 11:39:59 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-04-13 11:39:58 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-04-13 11:39:58 ----A---- C:\WINDOWS\system32\imgutil.dll
2018-04-13 11:39:58 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-04-13 11:39:58 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-04-13 11:39:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-04-13 11:39:58 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-04-13 11:39:58 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-04-13 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2018-04-13 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2018-04-13 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2018-04-13 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-04-13 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2018-04-13 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-04-13 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2018-04-13 11:39:57 ----A---- C:\WINDOWS\system32\mshta.exe
2018-04-13 11:39:57 ----A---- C:\WINDOWS\system32\jscript.dll
2018-04-13 11:39:57 ----A---- C:\WINDOWS\system32\ieui.dll
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2018-04-13 11:39:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-04-13 11:39:55 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2018-04-13 11:39:55 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2018-04-13 11:39:55 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2018-04-13 11:39:55 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-04-13 11:39:55 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-04-13 11:39:55 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2018-04-13 11:39:54 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-04-13 11:39:54 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-04-13 11:39:54 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-04-13 11:39:53 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-04-13 11:39:52 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-04-13 11:39:52 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-04-13 11:39:52 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-04-13 11:39:52 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-04-13 11:39:52 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-04-13 11:39:52 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-04-13 11:39:51 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-04-13 11:39:51 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2018-04-13 11:39:51 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-04-13 11:39:50 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\WcnEapPeerProxy.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\WcnEapAuthProxy.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\sensrsvc.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\racpldlg.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\msra.exe
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\drivers\rdpbus.sys
2018-04-13 11:39:49 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\vmictimeprovider.dll
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\offreg.dll
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\icsvc.dll
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\vmgid.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\storvsc.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2018-04-13 11:39:48 ----A---- C:\WINDOWS\system32\drivers\dmvsc.sys
2018-04-13 11:39:47 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2018-04-13 11:39:47 ----A---- C:\WINDOWS\system32\wshhyperv.dll
2018-04-13 11:39:47 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2018-04-13 11:39:47 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2018-04-13 11:39:47 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-04-13 11:39:47 ----A---- C:\WINDOWS\system32\drivers\vdrvroot.sys
2018-04-13 11:39:47 ----A---- C:\WINDOWS\system32\drivers\storqosflt.sys
2018-04-13 11:39:47 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-04-13 11:39:47 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2018-04-13 11:39:46 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\wc_storage.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\SyncController.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\skci.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\SDFHost.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\msvcp110_win.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\LsaIso.exe
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\IumSdk.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\iumdll.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\iumbase.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\hvhostsvc.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\drivers\wcnfs.sys
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\convertvhd.exe
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\container.dll
2018-04-13 11:39:46 ----A---- C:\WINDOWS\system32\APHostService.dll
2018-04-13 11:39:45 ----A---- C:\WINDOWS\system32\rdpserverbase.dll

====== List of files/folders modified in the last 1 month ======

2018-05-06 12:45:24 ----D---- C:\WINDOWS\Prefetch
2018-05-06 12:45:17 ----RD---- C:\Program Files
2018-05-06 12:44:00 ----D---- C:\WINDOWS\Temp
2018-05-06 12:40:07 ----D---- C:\Windows
2018-05-06 12:39:33 ----D---- C:\WINDOWS\system32\sru
2018-05-06 12:38:54 ----D---- C:\WINDOWS\System32
2018-05-06 12:38:54 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-06 11:42:06 ----D---- C:\ProgramData\NVIDIA
2018-05-06 11:03:06 ----D---- C:\WINDOWS\INF
2018-05-06 11:03:04 ----D---- C:\WINDOWS\debug
2018-05-06 11:03:03 ----D---- C:\WINDOWS\LiveKernelReports
2018-05-06 11:02:47 ----SHD---- C:\System Volume Information
2018-05-06 10:57:49 ----D---- C:\WINDOWS\system32\Tasks
2018-05-06 10:54:48 ----HD---- C:\Program Files\WindowsApps
2018-05-06 10:53:58 ----D---- C:\WINDOWS\AppReadiness
2018-05-06 10:52:51 ----D---- C:\WINDOWS\DeliveryOptimization
2018-05-06 10:49:49 ----SHD---- C:\WINDOWS\Installer
2018-05-06 10:49:48 ----SHD---- C:\Config.Msi
2018-05-06 10:49:47 ----D---- C:\Program Files\Dell
2018-05-06 10:49:29 ----D---- C:\ProgramData\Package Cache
2018-05-03 21:37:50 ----D---- C:\WINDOWS\system32\SleepStudy
2018-05-03 21:20:34 ----D---- C:\WINDOWS\system32\config
2018-05-03 20:15:56 ----D---- C:\WINDOWS\system32\DriverStore
2018-05-03 11:55:51 ----D---- C:\WINDOWS\WinSxS
2018-05-03 11:23:00 ----D---- C:\WINDOWS\system32\catroot2
2018-05-03 11:22:19 ----D---- C:\WINDOWS\Logs
2018-05-03 10:30:53 ----RD---- C:\WINDOWS\Microsoft.NET
2018-04-28 10:12:52 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-04-28 10:12:30 ----D---- C:\Program Files (x86)\Common Files
2018-04-28 10:10:58 ----AD---- C:\Program Files (x86)\Microsoft Office
2018-04-28 09:56:32 ----D---- C:\WINDOWS\system32\drivers\wd
2018-04-22 14:58:18 ----D---- C:\Users\Zuzanka\AppData\Roaming\vlc
2018-04-22 10:59:38 ----D---- C:\WINDOWS\rescache
2018-04-22 10:56:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-04-22 10:56:43 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-04-14 10:27:42 ----D---- C:\WINDOWS\system32\NDF
2018-04-13 14:02:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-13 13:55:56 ----D---- C:\WINDOWS\system32\drivers
2018-04-13 12:31:39 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-04-13 12:31:39 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-04-13 12:31:34 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-04-13 12:31:34 ----D---- C:\WINDOWS\SysWOW64
2018-04-13 12:31:31 ----D---- C:\WINDOWS\system32\migration
2018-04-13 12:31:30 ----SD---- C:\WINDOWS\system32\F12
2018-04-13 12:31:30 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-04-13 12:31:30 ----D---- C:\WINDOWS\system32\cs-CZ
2018-04-13 12:31:30 ----D---- C:\WINDOWS\system32\Boot
2018-04-13 12:31:30 ----D---- C:\WINDOWS\system32\appraiser
2018-04-13 12:31:22 ----D---- C:\WINDOWS\ShellExperiences
2018-04-13 12:31:22 ----D---- C:\WINDOWS\apppatch
2018-04-13 12:31:21 ----D---- C:\Program Files\internet explorer
2018-04-13 12:31:21 ----D---- C:\Program Files (x86)\Internet Explorer
2018-04-13 12:31:14 ----D---- C:\WINDOWS\system32\CodeIntegrity
2018-04-13 11:44:59 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-04-10 20:19:08 ----D---- C:\WINDOWS\CbsTemp
2018-04-10 19:24:21 ----D---- C:\WINDOWS\system32\MRT
2018-04-10 19:24:13 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-10 19:23:53 ----AC---- C:\WINDOWS\system32\MRT.exe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-07-25 1455552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-03-30 59808]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
R3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 DDDriver;DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [2016-01-05 32464]
R3 DellProf;DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [2016-01-05 24240]
R3 DellRbtn;@oem10.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2015-05-08 19440]
R3 ibtusb;@oem20.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-11-11 230144]
R3 NETwNb64;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\WINDOWS\System32\drivers\Netwbw02.sys [2017-04-13 3517696]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_98841ac9dbf724c3\nvlddmkm.sys [2017-10-03 15627888]
R3 nvvad_WaveExtensible;@oem77.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-05-04 48064]
R3 nvvhci;@oem49.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-05-04 57792]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 rt640x64;@oem99.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 RTSUER;@oem74.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-14 402960]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-03-13 1015296]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2017-01-05 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2017-01-05 30424]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-03-30 73120]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2018-03-30 28160]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iaLPSS_GPIO;Intel(R) Serial IO GPIO Driver; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [2015-06-15 46856]
S3 iaLPSS_SPI;Intel(R) Serial IO SPI Driver; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [2015-06-15 113416]
S3 iaLPSS_UART2;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [2015-06-15 155400]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-03-30 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-03-30 192512]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-04 30144]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-09-29 1849752]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 CDPUserSvc_5d732c5;Uživatelská služba platformy připojených zařízení_5d732c5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-04-23 8566440]
R2 Dell Customer Connect;Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [2016-12-21 130936]
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-06-23 2572024]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2016-06-23 202488]
R2 DellUpdate;Dell Update Service; C:\Program Files (x86)\Dell Update\DellUpService.exe [2018-03-27 237016]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2017-03-21 640928]
R2 ibtsiva;@oem20.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 IntelUSBoverIP;IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [2015-07-06 396992]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-11 223520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-11 415520]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-06-29 462784]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-05-04 449984]
R2 OneSyncSvc_5d732c5;Hostitel synchronizace_5d732c5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 Product Registration;Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [2017-04-06 47144]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2017-03-21 157600]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2014-04-14 253776]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-12-12 43648]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
S2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-06-23 238320]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_5d732c5;Tok zařízení_5d732c5; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) WiDi SAM;Intel(R) WiDi Software Asset Manager; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16 19088]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_5d732c5;Služba zasílání zpráv_5d732c5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-04-22 194512]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2017-03-21 268704]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-04 495040]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-04 495040]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-04-23 211632]
S3 PimIndexMaintenanceSvc_5d732c5;Data kontaktů_5d732c5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_5d732c5;PrintWorkflow_5d732c5; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-03-30 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[d.a.p]

# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-02.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-06-2018
# Duration: 00:00:37
# OS: Windows 10 Home
# Scanned: 40818
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Rudy]

Toto je OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .