A Local Disk F: has appeared on my computer

#1 Post by pepan55 »

Hello,

out of nowhere a Local Disk F: appeared, and I keep getting notifications that it is almost full. But when I open it, there is nothing there, and I have no idea what disk it is. I only have one system SSD and a second HDD for programs. This disk is 449 MB in size. I was wondering whether it could be related to my recent installation of Daemon Tools Lite. Thanks in advance for your help!

Logfile of random's system information tool 1.16 (written by random/random)
Run by admin at 2018-05-24 17:48:34
Microsoft Windows 10 Pro
System drive C: has 36 GB (16%) free of 228 GB
Total RAM: 16331 MB (69% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:48:37, on 24.05.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
C:\Program Files (x86)\GalaxyClient\GOG Galaxy Notifications Renderer.exe
C:\Users\admin\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Users\admin\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Users\admin\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Users\admin\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Program Files\trend micro\admin_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [OneDrive] "C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service: Razer Synapse Service - Unknown owner - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH Authentication Agent (ssh-agent) - Unknown owner - C:\WINDOWS\System32\OpenSSH\ssh-agent.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 11036 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe"
"C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe"
"C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\admin\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x10de --gpu-device-id=0x1b80 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --lang=en-US --log-file="C:\Users\admin\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --service-request-channel-token=C8B28CD112A035092D0905F43F7CFB2E --mojo-platform-channel-handle=1900 /prefetch:2
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-browser-side-navigation --no-sandbox --disable-gpu-compositing --service-pipe-token=4C0B5D903E536E5C23F8E08D6E825B1F --lang=en-US --lang=en-US --log-file="C:\Users\admin\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=4C0B5D903E536E5C23F8E08D6E825B1F --renderer-client-id=2 --mojo-platform-channel-handle=1940 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe"
C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
"C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe" /Client
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan-6268 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"
"C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe" /runWithoutUpdating
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --disable-databases --primordial-pipe-token=1D86310185803DD24467DC7B7FACB156 --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\admin\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/4.3.0.256" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=1D86310185803DD24467DC7B7FACB156 --renderer-client-id=2 --mojo-platform-channel-handle=3000 /prefetch:1
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --disable-databases --primordial-pipe-token=821B8B562F9273F4ED6B89991B5E76FA --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\admin\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/4.3.0.256" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=821B8B562F9273F4ED6B89991B5E76FA --renderer-client-id=3 --mojo-platform-channel-handle=3532 /prefetch:1
"C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=info --gpu-vendor-id=0x10de --gpu-device-id=0x1b80 --gpu-driver-vendor=NVIDIA --gpu-driver-version=24.21.13.9764 --gpu-driver-date=5-7-2018 --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=info --service-request-channel-token=179813D385CC1E5932942C4F1E3779D7 --mojo-platform-channel-handle=2216 /prefetch:2
"C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe" --type=renderer --enable-smooth-scrolling --js-flags=--expose-gc --no-sandbox --service-pipe-token=BE1A490B1FB039657AFFE4377256EA5E --lang=en-US --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=info --disable-spell-checking --uncaught-exception-stack-size=999 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=BE1A490B1FB039657AFFE4377256EA5E --renderer-client-id=3 --mojo-platform-channel-handle=2656 /prefetch:1
"C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe" --type=renderer --enable-smooth-scrolling --js-flags=--expose-gc --no-sandbox --service-pipe-token=9BE64C070FE04F19E7FDB734E2F4C41A --lang=en-US --lang=en-US --log-file="C:\ProgramData\GOG.com\Galaxy\logs\cef.log" --log-severity=info --disable-spell-checking --uncaught-exception-stack-size=999 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=9BE64C070FE04F19E7FDB734E2F4C41A --renderer-client-id=4 --mojo-platform-channel-handle=2928 /prefetch:1
"C:\Program Files (x86)\GalaxyClient\GOG Galaxy Notifications Renderer.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.181 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7ff9c6f03218,0x7ff9c6f03228,0x7ff9c6f03238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9204 --on-initialized-event-handle=656 --parent-handle=660 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=690B8D468B2948A9BCF2ADBD8ED6698C --mojo-platform-channel-handle=1464 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --service-pipe-token=F977A0334D29FE3B7DA0A81EE19933E8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=F977A0334D29FE3B7DA0A81EE19933E8 --renderer-client-id=7 --mojo-platform-channel-handle=5316 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21705.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21705.0_x64__8wekyb3d8bbwe\HxAccounts.exe" -ServerName:microsoft.windowslive.manageaccounts.AppXdbf3yp5apt3t7q877db3gnz5zqpf71zj.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --lang=cs --service-sandbox-type=utility --service-request-channel-token=C02306CB834F6D621C5DBD45639BA137 --mojo-platform-channel-handle=3916 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --service-pipe-token=29E26B372C649E76D8F5063BCB0B5261 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=29E26B372C649E76D8F5063BCB0B5261 --renderer-client-id=15 --mojo-platform-channel-handle=6176 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --service-pipe-token=3155E5A29F5C725FBE2B047C7E3CAC56 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=3155E5A29F5C725FBE2B047C7E3CAC56 --renderer-client-id=17 --mojo-platform-channel-handle=8324 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Users\admin\AppData\Local\Discord\app-0.0.301\Discord.exe"
"C:\Users\admin\AppData\Local\Discord\app-0.0.301\Discord.exe" --type=gpu-process --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,20,23,40,71 --gpu-vendor-id=0x10de --gpu-device-id=0x1b80 --gpu-driver-vendor=NVIDIA --gpu-driver-version=24.21.13.9764 --gpu-driver-date=5-7-2018 --service-request-channel-token=7268E4F9731E5512C65FD8FAAD6F74AE --mojo-platform-channel-handle=1576 /prefetch:2
"C:\Users\admin\AppData\Local\Discord\app-0.0.301\Discord.exe" --type=renderer --no-sandbox --primordial-pipe-token=1386B5D861B2F2C63A9E850C4DED0DBE --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\admin\AppData\Local\Discord\app-0.0.301\resources\app.asar" --node-integration=false --preload="C:\Users\admin\AppData\Roaming\discord\0.0.301\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#2f3136 --enable-blink-features=EnumerateDevices,AudioOutputDevices --hidden-page --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=1386B5D861B2F2C63A9E850C4DED0DBE --renderer-client-id=6 --mojo-platform-channel-handle=2560 /prefetch:1
C:\Users\admin\AppData\Local\Discord\app-0.0.301\Discord.exe --overlay-host
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --service-pipe-token=7BC21DC36121E064A882F118D51C388E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=7BC21DC36121E064A882F118D51C388E --renderer-client-id=31 --mojo-platform-channel-handle=4568 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --service-pipe-token=603D4D63D2336597BDEB0937B53A764B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=603D4D63D2336597BDEB0937B53A764B --renderer-client-id=33 --mojo-platform-channel-handle=9156 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --service-pipe-token=A506EE212294FAA303C5846A1ED09DF3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=A506EE212294FAA303C5846A1ED09DF3 --renderer-client-id=35 --mojo-platform-channel-handle=4872 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --service-pipe-token=E5A82769DD8004EE2C55FD9A798834DE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=E5A82769DD8004EE2C55FD9A798834DE --renderer-client-id=41 --mojo-platform-channel-handle=9040 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --disable-databases --service-pipe-token=47ECED05F3736602C4391B18D9040D2D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=47ECED05F3736602C4391B18D9040D2D --renderer-client-id=45 --mojo-platform-channel-handle=6868 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --disable-databases --service-pipe-token=A2C20E1D0DECEF0563A2EE1C48D9C960 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=A2C20E1D0DECEF0563A2EE1C48D9C960 --renderer-client-id=46 --mojo-platform-channel-handle=8532 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,16441073795620217879,13424564253683726226,131072 --disable-databases --service-pipe-token=3E96F54BB481D78AA57D4776F229A134 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=3E96F54BB481D78AA57D4776F229A134 --renderer-client-id=47 --mojo-platform-channel-handle=10316 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\admin\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe"
C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x57c
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe69_ Global\UsGthrCtrlFltPipeMssGthrPipe69 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 748 752 760 8192 756
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\admin\Desktop\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-3975742799-1696775196-4226165202-1001.job - C:\Users\admin\AppData\Local\GoToMeeting\8794\g2mupdate.exe
C:\WINDOWS\tasks\G2MUploadTask-S-1-5-21-3975742799-1696775196-4226165202-1001.job - C:\Users\admin\AppData\Local\GoToMeeting\8794\g2mupload.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-DESKTOP-759MUK2-admin - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\AdobeGCInvoker-1.0-DESKTOP-759MUK2-admin - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
C:\WINDOWS\system32\tasks\G2MUpdateTask-S-1-5-21-3975742799-1696775196-4226165202-1001 - C:\Users\admin\AppData\Local\GoToMeeting\8794\g2mupdate.exe
C:\WINDOWS\system32\tasks\G2MUploadTask-S-1-5-21-3975742799-1696775196-4226165202-1001 - C:\Users\admin\AppData\Local\GoToMeeting\8794\g2mupload.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
C:\WINDOWS\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\WINDOWS\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-3975742799-1696775196-4226165202-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{BD773BEB-B659-4C96-9E96-FF10A2DBBF5A} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\HeadsetButtonPress - %windir%\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Setup\Notifier - %windir%\system32\Notifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\HelloFace\FODCleanupTask - %WinDir%\System32\WinBioPlugIns\FaceFodUninstaller.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\DirectX\DXGIAdapterCache - %windir%\system32\dxgiadaptercache.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Homepage:
default_search_provider.search_url:
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-02-10 9198592]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05 315880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-05-01 1624224]
"GalaxyClient"=C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [2018-05-05 6448712]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2018-05-19 3200800]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-09-20 2407008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-05-24 17:48:34 ----D---- C:\rsit
2018-05-24 17:48:34 ----D---- C:\Program Files\trend micro
2018-05-21 18:45:51 ----D---- C:\Users\admin\AppData\Roaming\Vectr
2018-05-21 17:40:21 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2018-05-21 17:38:16 ----D---- C:\Program Files\Common Files\Adobe
2018-05-21 17:38:12 ----D---- C:\Program Files\Adobe
2018-05-21 17:36:39 ----D---- C:\Program Files (x86)\Adobe
2018-05-21 17:36:38 ----D---- C:\ProgramData\Adobe
2018-05-21 17:27:24 ----D---- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
2018-05-21 17:27:01 ----D---- C:\ProgramData\DAEMON Tools Lite
2018-05-20 23:28:17 ----D---- C:\Windows.old
2018-05-20 23:26:55 ----AS---- C:\WINDOWS\bootstat.dat
2018-05-20 23:26:35 ----D---- C:\WINDOWS\system32\Microsoft
2018-05-20 23:26:35 ----D---- C:\WINDOWS\ServiceProfiles
2018-05-20 23:25:32 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-05-20 23:25:32 ----A---- C:\WINDOWS\system32\wmp.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\jscript.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-05-20 23:25:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\winload.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\wininet.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\WerFault.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\wer.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\tzres.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\TSpkg.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\tquery.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\shell32.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\rdpnano.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\oleaut32.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\mstscax.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\msi.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\itss.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\credssp.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\cdp.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\AppVClient.exe
2018-05-20 23:25:30 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-20 23:24:14 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-GB
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\drivers\en-GB
2018-05-20 23:24:14 ----D---- C:\WINDOWS\en-GB
2018-05-20 23:22:32 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2018-05-20 23:22:31 ----D---- C:\Program Files\Reference Assemblies
2018-05-20 23:22:31 ----D---- C:\Program Files\MSBuild
2018-05-20 23:22:31 ----D---- C:\Program Files (x86)\Reference Assemblies
2018-05-20 23:22:31 ----D---- C:\Program Files (x86)\MSBuild
2018-05-20 23:22:27 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2018-05-20 23:22:27 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2018-05-20 23:22:27 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-20 23:22:27 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-20 23:22:27 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-20 23:22:27 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-20 23:22:15 ----A---- C:\WINDOWS\SYSWOW64\XPSSHHDR.dll
2018-05-20 23:22:15 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-05-20 23:22:15 ----A---- C:\WINDOWS\SYSWOW64\XpsFilt.dll
2018-05-20 23:22:15 ----A---- C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-20 23:22:15 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-05-20 23:22:15 ----A---- C:\WINDOWS\system32\XpsFilt.dll
2018-05-20 23:22:06 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2018-05-20 23:22:06 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2018-05-20 23:22:06 ----A---- C:\WINDOWS\system32\prm0009.dll
2018-05-20 23:22:06 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2018-05-20 23:22:06 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2018-05-20 22:40:15 ----D---- C:\ProgramData\Microsoft OneDrive
2018-05-20 22:38:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-20 22:34:58 ----SHD---- C:\Recovery
2018-05-20 22:33:24 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2018-05-20 22:32:20 ----ASH---- C:\hiberfil.sys
2018-05-20 22:31:16 ----D---- C:\ProgramData\USOShared
2018-05-20 22:31:15 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2018-05-20 22:31:11 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2018-05-20 22:30:19 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2018-05-20 22:30:18 ----D---- C:\Program Files (x86)\VulkanRT
2018-05-20 22:30:18 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2018-05-20 22:30:18 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2018-05-20 22:30:18 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2018-05-20 22:30:18 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2018-05-20 22:30:11 ----HD---- C:\Program Files (x86)\Uninstall Information
2018-05-20 22:30:10 ----A---- C:\WINDOWS\system32\OpenCL.dll
2018-05-20 22:29:15 ----D---- C:\WINDOWS\Prefetch
2018-05-20 22:28:54 ----D---- C:\WINDOWS\system32\SleepStudy
2018-05-20 22:28:54 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-19 15:34:19 ----D---- C:\Users\admin\AppData\Roaming\NVIDIA
2018-05-18 21:49:20 ----DC---- C:\WINDOWS\Panther
2018-05-16 17:26:52 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2018-05-16 17:26:52 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-05-16 17:26:52 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2018-05-16 17:26:52 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
2018-05-16 17:16:24 ----A---- C:\WINDOWS\ntbtlog.txt
2018-05-16 15:52:01 ----D---- C:\ProgramData\Slightly Mad Studios
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFThevc.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvDecMFTMjpeg.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvopencl.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvEncMFThevc.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvdispgenco6439764.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvdispco6439764.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2018-05-13 14:19:22 ----A---- C:\WINDOWS\system32\nvcuda.dll
2018-05-13 14:19:21 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2018-05-13 14:19:21 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2018-05-13 14:19:21 ----A---- C:\WINDOWS\system32\nvapi64.dll
2018-05-10 22:09:34 ----D---- C:\Users\admin\AppData\Roaming\Notepad++
2018-05-10 22:09:34 ----D---- C:\Program Files (x86)\Notepad++
2018-05-10 17:59:06 ----D---- C:\Program Files (x86)\Steam
2018-05-05 16:19:04 ----D---- C:\Users\admin\AppData\Roaming\Bungie
2018-05-05 01:23:15 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_7.dll
2018-05-05 01:23:15 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2018-05-05 01:23:13 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_6.dll
2018-05-05 01:23:13 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_4.dll
2018-05-05 01:23:13 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_6.dll
2018-05-05 01:23:13 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2018-05-05 01:23:13 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2018-05-05 01:23:13 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2018-05-05 01:23:12 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_5.dll
2018-05-05 01:23:12 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_5.dll
2018-05-05 01:23:12 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_42.dll
2018-05-05 01:23:12 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2018-05-05 01:23:12 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2018-05-05 01:23:12 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2018-05-05 01:23:11 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_42.dll
2018-05-05 01:23:11 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2018-05-05 01:23:11 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_42.dll
2018-05-05 01:23:11 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2018-05-05 01:23:11 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2018-05-05 01:23:11 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2018-05-05 01:23:10 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_42.dll
2018-05-05 01:23:10 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_41.dll
2018-05-05 01:23:10 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_41.dll
2018-05-05 01:23:10 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2018-05-05 01:23:10 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2018-05-05 01:23:10 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2018-05-05 01:23:09 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_4.dll
2018-05-05 01:23:09 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_3.dll
2018-05-05 01:23:09 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_4.dll
2018-05-05 01:23:09 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_41.dll
2018-05-05 01:23:09 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2018-05-05 01:23:09 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2018-05-05 01:23:09 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2018-05-05 01:23:09 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2018-05-05 01:23:08 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_6.dll
2018-05-05 01:23:08 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_40.dll
2018-05-05 01:23:08 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_40.dll
2018-05-05 01:23:08 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_40.dll
2018-05-05 01:23:08 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2018-05-05 01:23:08 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2018-05-05 01:23:08 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2018-05-05 01:23:08 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2018-05-05 01:23:07 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_3.dll
2018-05-05 01:23:07 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_2.dll
2018-05-05 01:23:07 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_3.dll
2018-05-05 01:23:07 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_5.dll
2018-05-05 01:23:07 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2018-05-05 01:23:07 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2018-05-05 01:23:07 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2018-05-05 01:23:07 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_2.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_1.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_2.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_39.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_39.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2018-05-05 01:23:06 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2018-05-05 01:23:05 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_1.dll
2018-05-05 01:23:05 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_0.dll
2018-05-05 01:23:05 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_39.dll
2018-05-05 01:23:05 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2018-05-05 01:23:05 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2018-05-05 01:23:05 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2018-05-05 01:23:04 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_1.dll
2018-05-05 01:23:04 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_4.dll
2018-05-05 01:23:04 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_38.dll
2018-05-05 01:23:04 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_38.dll
2018-05-05 01:23:04 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2018-05-05 01:23:04 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2018-05-05 01:23:04 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2018-05-05 01:23:04 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2018-05-05 01:23:03 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_0.dll
2018-05-05 01:23:03 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_0.dll
2018-05-05 01:23:03 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_38.dll
2018-05-05 01:23:03 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2018-05-05 01:23:03 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2018-05-05 01:23:03 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2018-05-05 01:23:02 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_3.dll
2018-05-05 01:23:02 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_37.dll
2018-05-05 01:23:02 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_37.dll
2018-05-05 01:23:02 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_37.dll
2018-05-05 01:23:02 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2018-05-05 01:23:02 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2018-05-05 01:23:02 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2018-05-05 01:23:02 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2018-05-05 01:23:01 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_10.dll
2018-05-05 01:23:01 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_36.dll
2018-05-05 01:23:01 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_36.dll
2018-05-05 01:23:01 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2018-05-05 01:23:01 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2018-05-05 01:23:01 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2018-05-05 01:23:00 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_9.dll
2018-05-05 01:23:00 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_36.dll
2018-05-05 01:23:00 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2018-05-05 01:23:00 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_8.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_2.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_35.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_35.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_35.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2018-05-05 01:22:59 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2018-05-05 01:22:58 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_34.dll
2018-05-05 01:22:58 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_34.dll
2018-05-05 01:22:58 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_34.dll
2018-05-05 01:22:58 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2018-05-05 01:22:58 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2018-05-05 01:22:58 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2018-05-05 01:22:57 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_7.dll
2018-05-05 01:22:57 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_33.dll
2018-05-05 01:22:57 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_33.dll
2018-05-05 01:22:57 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2018-05-05 01:22:57 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2018-05-05 01:22:57 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2018-05-05 01:22:56 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_6.dll
2018-05-05 01:22:56 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_5.dll
2018-05-05 01:22:56 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_33.dll
2018-05-05 01:22:56 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2018-05-05 01:22:56 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2018-05-05 01:22:56 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2018-05-05 01:22:55 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_4.dll
2018-05-05 01:22:55 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_1.dll
2018-05-05 01:22:55 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2018-05-05 01:22:55 ----A---- C:\WINDOWS\SYSWOW64\d3dx10.dll
2018-05-05 01:22:55 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2018-05-05 01:22:55 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2018-05-05 01:22:55 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2018-05-05 01:22:55 ----A---- C:\WINDOWS\system32\d3dx10.dll
2018-05-05 01:22:54 ----A---- C:\WINDOWS\SYSWOW64\xinput1_2.dll
2018-05-05 01:22:54 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_3.dll
2018-05-05 01:22:54 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_31.dll
2018-05-05 01:22:54 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2018-05-05 01:22:54 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2018-05-05 01:22:54 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2018-05-05 01:22:53 ----A---- C:\WINDOWS\SYSWOW64\xinput1_1.dll
2018-05-05 01:22:53 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_2.dll
2018-05-05 01:22:53 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_1.dll
2018-05-05 01:22:53 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2018-05-05 01:22:53 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2018-05-05 01:22:53 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2018-05-05 01:22:50 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_30.dll
2018-05-05 01:22:50 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2018-05-05 01:22:49 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_0.dll
2018-05-05 01:22:49 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_0.dll
2018-05-05 01:22:49 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_29.dll
2018-05-05 01:22:49 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_28.dll
2018-05-05 01:22:49 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2018-05-05 01:22:49 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2018-05-05 01:22:49 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2018-05-05 01:22:49 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2018-05-05 01:22:48 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_27.dll
2018-05-05 01:22:48 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_26.dll
2018-05-05 01:22:48 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2018-05-05 01:22:48 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2018-05-05 01:22:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_25.dll
2018-05-05 01:22:47 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_24.dll
2018-05-05 01:22:47 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2018-05-05 01:22:47 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2018-05-04 23:58:59 ----D---- C:\ProgramData\GOG.com
2018-05-04 23:58:59 ----D---- C:\Program Files (x86)\GalaxyClient
2018-05-04 22:55:41 ----D---- C:\ProgramData\Blizzard Entertainment
2018-05-04 22:54:49 ----D---- C:\Users\admin\AppData\Roaming\Battle.net
2018-05-04 22:52:42 ----D---- C:\Program Files (x86)\Battle.net
2018-05-04 22:51:51 ----D---- C:\ProgramData\Battle.net
2018-05-02 15:52:27 ----D---- C:\Users\admin\AppData\Roaming\DashCore
2018-05-01 18:52:45 ----D---- C:\Users\admin\AppData\Roaming\WinRAR
2018-05-01 18:52:24 ----D---- C:\Program Files\WinRAR
2018-05-01 15:54:08 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2018-05-01 15:53:10 ----A---- C:\WINDOWS\system32\nvdispgenco6439731.dll
2018-05-01 15:53:10 ----A---- C:\WINDOWS\system32\nvdispco6439731.dll
2018-05-01 15:45:39 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2018-05-01 15:45:39 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2018-05-01 15:45:39 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-05-01 15:45:36 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-05-01 15:45:35 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2018-05-01 15:45:35 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2018-05-01 15:45:33 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys

====== List of files/folders modified in the last 1 month ======

2018-05-24 17:48:37 ----D---- C:\WINDOWS\Temp
2018-05-24 17:48:34 ----RD---- C:\Program Files
2018-05-24 17:44:45 ----D---- C:\Users\admin\AppData\Roaming\TS3Client
2018-05-24 17:30:29 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-05-24 16:53:42 ----D---- C:\WINDOWS\system32\LogFiles
2018-05-24 16:53:42 ----D---- C:\ProgramData\NVIDIA
2018-05-24 16:51:15 ----D---- C:\WINDOWS\system32\sru
2018-05-23 19:29:44 ----D---- C:\WINDOWS\Logs
2018-05-23 19:29:33 ----RD---- C:\WINDOWS\Microsoft.NET
2018-05-23 18:38:57 ----SD---- C:\ProgramData\Microsoft
2018-05-23 15:31:16 ----D---- C:\WINDOWS\AppReadiness
2018-05-23 15:30:09 ----D---- C:\WINDOWS\system32\Tasks
2018-05-23 15:29:22 ----HD---- C:\Program Files\WindowsApps
2018-05-22 14:28:06 ----RD---- C:\WINDOWS\assembly
2018-05-22 14:27:23 ----D---- C:\WINDOWS\system32\DriverStore
2018-05-22 14:27:23 ----D---- C:\WINDOWS\system32\catroot2
2018-05-22 14:27:23 ----D---- C:\WINDOWS\INF
2018-05-22 14:00:26 ----D---- C:\WINDOWS\system32\config
2018-05-22 13:56:17 ----D---- C:\WINDOWS\System32
2018-05-22 13:51:52 ----D---- C:\WINDOWS\system32\WDI
2018-05-21 17:45:22 ----D---- C:\Users\admin\AppData\Roaming\Adobe
2018-05-21 17:40:21 ----HD---- C:\ProgramData
2018-05-21 17:38:17 ----D---- C:\Program Files\Common Files
2018-05-21 17:38:14 ----SHD---- C:\WINDOWS\Installer
2018-05-21 17:38:14 ----SHD---- C:\Config.Msi
2018-05-21 17:37:08 ----D---- C:\WINDOWS\WinSxS
2018-05-21 17:36:39 ----RD---- C:\Program Files (x86)
2018-05-21 17:36:39 ----D---- C:\Program Files (x86)\Common Files
2018-05-21 17:27:25 ----D---- C:\WINDOWS\system32\drivers
2018-05-21 13:13:18 ----D---- C:\WINDOWS\SysWOW64
2018-05-21 13:13:17 ----D---- C:\WINDOWS\CbsTemp
2018-05-21 13:13:15 ----SHD---- C:\System Volume Information
2018-05-21 13:13:08 ----D---- C:\WINDOWS\system32\restore
2018-05-21 13:12:55 ----RD---- C:\WINDOWS\PrintDialog
2018-05-21 13:12:34 ----D---- C:\WINDOWS\system32\CodeIntegrity
2018-05-20 23:28:18 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-05-20 23:28:18 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-05-20 23:28:18 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-05-20 23:28:18 ----D---- C:\WINDOWS\system32\WinBioDatabase
2018-05-20 23:28:18 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2018-05-20 23:28:18 ----D---- C:\WINDOWS\system32\drivers\etc
2018-05-20 23:28:17 ----SD---- C:\WINDOWS\system32\F12
2018-05-20 23:28:17 ----D---- C:\WINDOWS\system32\spool
2018-05-20 23:28:17 ----D---- C:\WINDOWS\system32\Recovery
2018-05-20 23:28:17 ----D---- C:\WINDOWS\system32\oobe
2018-05-20 23:28:17 ----D---- C:\WINDOWS\system32\en-US
2018-05-20 23:28:17 ----D---- C:\WINDOWS\system32\drivers\en-US
2018-05-20 23:28:17 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2018-05-20 23:28:17 ----D---- C:\WINDOWS\system32\appmgmt
2018-05-20 23:28:17 ----D---- C:\WINDOWS\ShellExperiences
2018-05-20 23:28:17 ----D---- C:\WINDOWS\PolicyDefinitions
2018-05-20 23:28:17 ----D---- C:\WINDOWS\Help
2018-05-20 23:28:17 ----D---- C:\Program Files\Common Files\microsoft shared
2018-05-20 23:28:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-05-20 23:28:16 ----D---- C:\WINDOWS\Setup
2018-05-20 23:27:12 ----D---- C:\WINDOWS\appcompat
2018-05-20 23:27:12 ----D---- C:\Program Files\Realtek
2018-05-20 23:25:54 ----D---- C:\WINDOWS\TextInput
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\vi-VN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ur-PK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ug-CN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\tt-RU
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\tk-TM
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\te-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ta-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\sw-KE
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\sq-AL
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\si-LK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\setup
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\quz-PE
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\prs-AF
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\pa-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\or-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\nn-NO
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ne-NP
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\mt-MT
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ms-MY
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\mr-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\mn-MN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ml-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\mk-MK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\mi-NZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\lo-LA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\lb-LU
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ky-KG
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\kok-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\kn-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\km-KH
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\kk-KZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ka-GE
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\is-IS
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\id-ID
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\hy-AM
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\gu-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\gd-GB
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ga-IE
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\fil-PH
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\fa-IR
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\cy-GB
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\bn-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\bn-BD
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\be-BY
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\as-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\am-ET
2018-05-20 23:25:54 ----D---- C:\WINDOWS\SYSWOW64\af-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\zu-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\yo-NG
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\xh-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\wo-SN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\vi-VN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ur-PK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ug-CN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\tt-RU
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\tn-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\tk-TM
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ti-ET
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\te-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ta-in
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\sw-KE
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\sq-AL
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\si-lk
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\setup
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\rw-RW
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\quz-PE
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\prs-AF
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\pa-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\or-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\nso-ZA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\nn-NO
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ne-NP
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\mt-MT
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ms-MY
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\mr-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\mn-MN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ml-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\mk-MK
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\mi-NZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\lo-LA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\lb-LU
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ky-KG
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\kok-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\kn-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\km-KH
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\kk-KZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ka-GE
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\is-IS
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ig-NG
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\id-ID
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\hy-AM
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\gu-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\gd-GB
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ga-IE
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\fil-PH
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\fa-IR
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\en-GB
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\cy-GB
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\cs-CZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\Boot
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\bn-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\bn-BD
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\be-BY
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\as-IN
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\appraiser
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\am-et
2018-05-20 23:25:54 ----D---- C:\WINDOWS\system32\af-ZA
2018-05-20 23:25:53 ----D---- C:\WINDOWS\Provisioning
2018-05-20 23:25:53 ----D---- C:\WINDOWS\Containers
2018-05-20 23:25:53 ----D---- C:\WINDOWS\bcastdvr
2018-05-20 23:25:53 ----D---- C:\WINDOWS\apppatch
2018-05-20 23:25:53 ----D---- C:\Program Files\Windows Photo Viewer
2018-05-20 23:25:53 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-05-20 23:24:15 ----D---- C:\WINDOWS\SYSWOW64\winrm
2018-05-20 23:24:15 ----D---- C:\WINDOWS\SYSWOW64\WCN
2018-05-20 23:24:15 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-05-20 23:24:15 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2018-05-20 23:24:15 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2018-05-20 23:24:15 ----D---- C:\WINDOWS\SYSWOW64\oobe
2018-05-20 23:24:15 ----D---- C:\WINDOWS\SYSWOW64\en
2018-05-20 23:24:14 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2018-05-20 23:24:14 ----SD---- C:\WINDOWS\system32\DiagSvcs
2018-05-20 23:24:14 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-US
2018-05-20 23:24:14 ----D---- C:\WINDOWS\SYSWOW64\drivers
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\winrm
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\WCN
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\slmgr
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\migwiz
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\en
2018-05-20 23:24:14 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-05-20 23:24:14 ----D---- C:\WINDOWS\servicing
2018-05-20 23:24:14 ----D---- C:\WINDOWS\IME
2018-05-20 23:24:14 ----D---- C:\WINDOWS\en-US
2018-05-20 23:24:14 ----D---- C:\Program Files\Windows Media Player
2018-05-20 23:24:14 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2018-05-20 23:24:14 ----D---- C:\Program Files\internet explorer
2018-05-20 23:24:14 ----D---- C:\Program Files\Common Files\system
2018-05-20 23:24:14 ----D---- C:\Program Files (x86)\Windows Media Player
2018-05-20 23:24:14 ----D---- C:\Program Files (x86)\Windows Defender
2018-05-20 23:24:14 ----D---- C:\Program Files (x86)\Internet Explorer
2018-05-20 23:22:32 ----D---- C:\WINDOWS\SYSWOW64\MUI
2018-05-20 23:22:32 ----D---- C:\WINDOWS\system32\MUI
2018-05-20 23:22:31 ----RSD---- C:\WINDOWS\Fonts
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2018-05-20 23:22:16 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\zh-TW
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\zh-CN
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\uk-UA
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\tr-TR
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\th-TH
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\sv-SE
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\sl-SI
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\sk-SK
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\ru-RU
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\ro-RO
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\pt-PT
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\pt-BR
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\pl-PL
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\nl-NL
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\nb-NO
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\lv-LV
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\lt-LT
2018-05-20 23:22:16 ----D---- C:\WINDOWS\system32\ko-KR
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\ja-jp
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\it-IT
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\hu-HU
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\hr-HR
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\he-IL
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\fr-FR
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\fr-CA
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\fi-FI
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\et-EE
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\es-MX
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\es-ES
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\el-GR
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\de-DE
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\da-DK
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\bg-BG
2018-05-20 23:22:15 ----D---- C:\WINDOWS\system32\ar-SA
2018-05-20 23:22:08 ----D---- C:\WINDOWS\OCR
2018-05-20 22:35:03 ----D---- C:\WINDOWS\SoftwareDistribution
2018-05-20 22:34:56 ----D---- C:\WINDOWS\Tasks
2018-05-20 22:34:56 ----D---- C:\Program Files\Windows Defender
2018-05-20 22:34:55 ----D---- C:\WINDOWS\Registration
2018-05-20 22:34:44 ----D---- C:\Windows
2018-05-20 22:33:38 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-05-20 22:33:22 ----D---- C:\WINDOWS\system32\wbem
2018-05-20 22:31:11 ----RD---- C:\Users
2018-05-20 22:30:48 ----D---- C:\WINDOWS\system32\DAX3
2018-05-20 22:30:48 ----D---- C:\WINDOWS\system32\DAX2
2018-05-20 22:30:48 ----D---- C:\ProgramData\Audyssey Labs
2018-05-20 22:30:46 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2018-05-20 22:30:38 ----D---- C:\Program Files (x86)\Razer
2018-05-20 22:30:36 ----D---- C:\temp
2018-05-20 22:29:25 ----D---- C:\ProgramData\NVIDIA Corporation
2018-05-20 22:29:22 ----D---- C:\Program Files\NVIDIA Corporation
2018-05-11 21:33:13 ----D---- C:\ProgramData\Epic
2018-05-10 22:02:07 ----D---- C:\ProgramData\Package Cache
2018-05-09 18:07:24 ----D---- C:\WINDOWS\system32\MRT
2018-05-09 18:06:40 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 18:06:37 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-05-08 23:23:18 ----A---- C:\WINDOWS\SYSWOW64\opencl.dll
2018-05-07 21:16:17 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-05-07 21:15:41 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2018-05-07 21:15:41 ----A---- C:\WINDOWS\system32\nvcpl.dll
2018-05-07 21:15:39 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2018-05-07 21:15:39 ----A---- C:\WINDOWS\system32\nvshext.dll
2018-05-07 21:15:38 ----A---- C:\WINDOWS\system32\nvmctray.dll
2018-05-07 21:15:38 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2018-05-07 21:15:38 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2018-05-05 00:44:00 ----D---- C:\Users\admin\AppData\Roaming\discord
2018-05-04 00:27:16 ----D---- C:\ProgramData\Origin
2018-05-03 19:14:15 ----D---- C:\Users\admin\AppData\Roaming\Origin
2018-05-01 23:22:36 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-04-27 20:11:24 ----D---- C:\Program Files (x86)\Origin
2018-04-27 18:23:00 ----D---- C:\WINDOWS\system32\drivers\wd

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2018-04-12 304032]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 amdpsp;@oem69.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [2017-06-12 239976]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-04-12 414208]
R3 amdgpio2;@oem1.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2017-03-01 43400]
R3 amdgpio3;@oem27.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio3.sys [2016-08-12 24424]
R3 AMDPCIDev;@oem63.inf,%AMDPCIDev.SVCDESC%;AMD PCI; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [2017-10-10 31112]
R3 asmthub3;@oem7.inf,%asmthub3_ServiceDescription%;ASMedia USB3.1 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2016-07-13 149888]
R3 asmtxhci;@oem34.inf,%asmtxhci_ServiceDescription%;ASMedia XHCI Service; C:\WINDOWS\System32\drivers\asmtxhci.sys [2016-07-13 454016]
R3 e1rexpress;@oem14.inf,%E1RExpress.Service.DispName%;Intel(R) PCI Express Network Connection Driver R; C:\WINDOWS\system32\DRIVERS\e1r65x64.sys [2016-07-29 540112]
R3 NVHDA;@oem26.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2018-05-07 226280]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_38c9bee769f9ef1f\nvlddmkm.sys [2018-05-08 17168744]
R3 nvvad_WaveExtensible;@oem59.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-12-15 59240]
R3 nvvhci;@oem38.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-05-07 58816]
R3 RzCommon;@oem56.inf,%RzCommon.SVCDESC%;Razer Control Service; C:\WINDOWS\System32\drivers\RzCommon.sys [2018-04-15 49136]
R3 RzDev_005c;@oem62.inf,%RzDev.ServiceDesc%;Razer 005c Service; C:\WINDOWS\System32\drivers\RzDev_005c.sys [2018-03-14 51184]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-04-12 128416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 amdkmcsp;@oem69.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [2017-06-12 95080]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2018-04-12 127384]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2018-04-12 162712]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2018-04-12 143768]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudbus.sys [2017-05-18 131984]
S3 dtlitescsibus;@oem43.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-08-04 30264]
S3 dtliteusbbus;@oem51.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-08-04 47672]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-04-12 73632]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2018-04-12 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-04-12 197632]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-03-14 31632]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2017-11-09 504360]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2018-04-12 1921944]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 rzbtendpt;Razer Bluetooth End Point; C:\WINDOWS\System32\drivers\rzbtendpt.sys [2016-10-30 52240]
S3 rzdaendpt;Razer DeathAdder end point; C:\WINDOWS\System32\drivers\rzdaendpt.sys [2016-10-30 42000]
S3 rzendpt;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [2016-10-30 52240]
S3 rzhnet;Razer Inc. External Display Driver; C:\WINDOWS\System32\Drivers\rzhnet.sys [2016-10-30 29712]
S3 rzjstk;Razer Virtual Joystick Driver; C:\WINDOWS\System32\drivers\rzjstk.sys [2016-10-30 36376]
S3 rzkeypadendpt;Razer Keypad Endpoint; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [2016-10-30 45592]
S3 rzmpos;rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [2016-10-30 48144]
S3 rzp1endpt;Razer platform 1 end point; C:\WINDOWS\System32\drivers\rzp1endpt.sys [2016-10-30 52240]
S3 rzudd;Razer Keyboard Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2016-10-30 204824]
S3 rzvkeyboard;Razer Virtual Keyboard Driver; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [2016-10-30 44048]
S3 rzvmouse;Razer Virtual Mouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [2016-10-30 44048]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 smbdirect;smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [2018-04-12 152064]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-09-20 817760]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-01-05 2319848]
R2 CDPUserSvc_5cc7478;Uživatelská služba platformy připojených zařízení_5cc7478; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14 523152]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-05-07 520672]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-03-14 470416]
R2 OneSyncSvc_5cc7478;Hostitel synchronizace_5cc7478; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2018-04-10 3028808]
R2 Razer Game Manager Service;Razer Game Manager; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [2017-08-12 147792]
R2 Razer Chroma SDK Server;Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2018-04-24 450688]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2018-04-24 943752]
R2 Razer Synapse Service;Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [2018-05-02 282864]
R2 RzActionSvc;Razer Central Service; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [2018-03-25 533376]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-04-12 761440]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
R3 PimIndexMaintenanceSvc_5cc7478;Data kontaktů_5cc7478; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k AssignedAccessManagerSvc;"ServiceDll" = %SystemRoot%\System32\assignedaccessmanagersvc.dll
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; %SystemRoot%\system32\svchost.exe -k BcastDVRUserService;"ServiceDll" = %SystemRoot%\System32\BcastDVRUserService.dll
S3 BcastDVRUserService_5cc7478;Uživatelská služba pro GameDVR a vysílání her_5cc7478; C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService;"ServiceDll" =
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-04-24 5745672]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; %SystemRoot%\system32\svchost.exe -k BthAppGroup;"ServiceDll" = %SystemRoot%\System32\Microsoft.Bluetooth.UserService.dll
S3 BluetoothUserService_5cc7478;Služba pro podporu uživatelů Bluetooth_5cc7478; C:\WINDOWS\system32\svchost.exe -k BthAppGroup;"ServiceDll" =
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\BTAGService.dll
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\BthAvctpSvc.dll
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\CaptureService.dll
S3 CaptureService_5cc7478;CaptureService_5cc7478; C:\WINDOWS\system32\svchost.exe -k LocalService -p;"ServiceDll" =
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\Windows.Devices.Picker.dll
S3 DevicePickerUserSvc_5cc7478;DevicePicker_5cc7478; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_5cc7478;Tok zařízení_5cc7478; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-04-12 775296]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-20 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [2018-05-05 665160]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2018-05-05 8109640]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\LanguageOverlayServer.dll
S3 MessagingService_5cc7478;Služba zasílání zpráv_5cc7478; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14 523152]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2018-04-10 2158912]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_5cc7478;PrintWorkflow_5cc7478; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-04-12 4737448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-05-20 826776]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118198
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: A Local Disk F: has appeared

#2 Post by Rudy »

Hello!
Try this procedure: https://forum.viry.cz/viewtopic.php?f=4&t=154236 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
