All times are UTC + 1 hour


Posted: 06 Dec 2017 20:58
Rank: Model visitor
Registered: 16 Apr 2007 20:01
Posts: 56
Hi, my Windows install is a week old, but I'd rather not have to reinstall right away. I can't type carons (háčky) and acute accents (čárky) using the dedicated key next to Backspace. I read that this can be caused by spyware or a keylogger. With the EN keyboard layout it works; tested with several physical keyboards. Thanks.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2017-12-06 20:55:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 20 GB (8%) free of 238 GB
Total RAM: 8088 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:55:36, on 6.12.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Lenovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - HKCU\..\Run: [d2eb8269bf8ed4a7d2fc1e70463c756e] "C:\Users\Lenovo\AppData\Local\Temp\SSScheduler.exe" ..
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4203416088-688117384-3358250737-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4203416088-688117384-3358250737-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: d2eb8269bf8ed4a7d2fc1e70463c756e.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 8783 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.94 --initial-client-data=0xbc,0xc0,0xc4,0xb8,0xc8,0x7fee5ea27e8,0x7fee5ea27a8,0x7fee5ea27b8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5712 --on-initialized-event-handle=340 --parent-handle=344 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1480,11573558911028783018,4105875027458834524,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4264 --gpu-driver-date=8-4-2015 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --service-request-channel-token=D23FA085B77F4C9C9C1EB64635220A2B --mojo-platform-channel-handle=1496 --ignored=" --type=renderer " /prefetch:2
"C:\Windows\system32\StikyNot.exe"
"C:\Users\Lenovo\AppData\Local\Temp\SSScheduler.exe"
"taskhost.exe"
C:\Windows\system32\WLANExt.exe 52633872
\??\C:\Windows\system32\conhost.exe "372201999943300970518961750-1478715091-1980207495744595616-1906012246-1381498799
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe62_ Global\UsGthrCtrlFltPipeMssGthrPipe62 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Lenovo\Desktop\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=C:\Windows\RTFTrack.exe [2013-10-18 6340312]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-11-21 36352]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-10-17 2891080]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-08-09 404376]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe []
"Persistence"=C:\Windows\system32\igfxpers.exe []
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-04 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-10-18 1028384]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2014-03-26 7825720]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"d2eb8269bf8ed4a7d2fc1e70463c756e"=C:\Users\Lenovo\AppData\Local\Temp\SSScheduler.exe [2017-12-04 124928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"RESTART_STICKY_NOTES"=C:\Windows\system32\StikyNot.exe [2009-07-14 427520]
"d2eb8269bf8ed4a7d2fc1e70463c756e"=C:\Users\Lenovo\AppData\Local\Temp\SSScheduler.exe [2017-12-04 124928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-01-06 292848]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
d2eb8269bf8ed4a7d2fc1e70463c756e.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-12-06 20:55:31 ----D---- C:\rsit
2017-12-06 20:55:31 ----D---- C:\Program Files\trend micro
2017-12-04 18:38:28 ----A---- C:\Windows\system32\drivers\ngoomuho.sys
2017-12-04 18:38:08 ----A---- C:\Windows\SYSWOW64\SSScheduler.exe
2017-12-04 18:33:21 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2017-12-04 10:34:41 ----D---- C:\Users\Lenovo\AppData\Roaming\vlc
2017-12-04 10:33:55 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2017-12-04 10:33:23 ----D---- C:\Program Files\Adobe
2017-12-04 10:32:47 ----D---- C:\Program Files (x86)\Adobe
2017-12-04 10:31:51 ----D---- C:\Windows\SYSWOW64\Macromed
2017-12-04 10:31:32 ----D---- C:\Program Files\Common Files\Adobe
2017-12-04 10:29:34 ----D---- C:\Users\Lenovo\AppData\Roaming\Macromedia
2017-12-04 10:29:33 ----D---- C:\ProgramData\Adobe
2017-12-04 08:42:24 ----D---- C:\Program Files\VideoLAN
2017-12-04 08:26:06 ----D---- C:\Users\Lenovo\AppData\Roaming\uTorrent
2017-12-03 00:25:30 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2017-12-03 00:25:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-12-03 00:25:25 ----A---- C:\Windows\system32\win32k.sys
2017-12-03 00:25:24 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-03 00:25:23 ----A---- C:\Windows\system32\tzres.dll
2017-12-03 00:25:22 ----A---- C:\Windows\system32\gpedit.dll
2017-12-03 00:21:09 ----D---- C:\Windows\system32\appmgmt
2017-12-02 23:49:21 ----D---- C:\Users\Lenovo\AppData\Roaming\Google
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDYAK.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDTAT.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDRU1.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDRU.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDBASH.DLL
2017-12-02 23:13:50 ----SD---- C:\Windows\system32\CompatTel
2017-12-02 23:13:50 ----D---- C:\Windows\system32\appraiser
2017-12-02 16:23:37 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2017-12-02 16:23:37 ----A---- C:\Windows\system32\wksprt.exe
2017-12-02 16:23:37 ----A---- C:\Windows\system32\mstscax.dll
2017-12-02 16:23:36 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2017-12-02 16:23:36 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2017-12-02 16:23:36 ----A---- C:\Windows\system32\tsgqec.dll
2017-12-02 16:23:36 ----A---- C:\Windows\system32\rdvidcrl.dll
2017-12-02 16:23:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2017-12-02 16:23:32 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2017-12-02 16:23:32 ----A---- C:\Windows\system32\bcryptprimitives.dll
2017-12-02 16:23:17 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2017-12-02 16:23:17 ----A---- C:\Windows\system32\TSWbPrxy.exe
2017-12-02 16:23:17 ----A---- C:\Windows\system32\invagent.dll
2017-12-02 16:23:17 ----A---- C:\Windows\system32\d2d1.dll
2017-12-02 16:23:17 ----A---- C:\Windows\system32\centel.dll
2017-12-02 16:23:17 ----A---- C:\Windows\system32\aitstatic.exe
2017-12-02 16:23:16 ----A---- C:\Windows\system32\generaltel.dll
2017-12-02 16:23:16 ----A---- C:\Windows\system32\devinv.dll
2017-12-02 16:23:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-12-02 16:23:16 ----A---- C:\Windows\system32\appraiser.dll
2017-12-02 16:23:16 ----A---- C:\Windows\system32\aepic.dll
2017-12-02 16:23:16 ----A---- C:\Windows\system32\aeinv.dll
2017-12-02 16:23:16 ----A---- C:\Windows\system32\acmigration.dll
2017-12-02 16:23:15 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2017-12-02 16:23:15 ----A---- C:\Windows\system32\drivers\bthport.sys
2017-12-02 16:23:10 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2017-12-02 16:23:10 ----A---- C:\Windows\SYSWOW64\esent.dll
2017-12-02 16:23:10 ----A---- C:\Windows\system32\fsutil.exe
2017-12-02 16:23:10 ----A---- C:\Windows\system32\esent.dll
2017-12-02 16:23:10 ----A---- C:\Windows\system32\drivers\nvstor.sys
2017-12-02 16:23:10 ----A---- C:\Windows\system32\drivers\nvraid.sys
2017-12-02 16:23:10 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2017-12-02 16:23:10 ----A---- C:\Windows\system32\drivers\amdxata.sys
2017-12-02 16:23:10 ----A---- C:\Windows\system32\drivers\amdsata.sys
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-12-02 16:19:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-12-02 16:19:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-02 16:19:14 ----A---- C:\Windows\system32\inseng.dll
2017-12-02 16:19:14 ----A---- C:\Windows\system32\iernonce.dll
2017-12-02 16:19:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-12-02 16:19:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-12-02 16:19:14 ----A---- C:\Windows\system32\ie4uinit.exe
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-12-02 16:19:13 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-12-02 16:19:13 ----A---- C:\Windows\system32\urlmon.dll
2017-12-02 16:19:13 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-12-02 16:19:13 ----A---- C:\Windows\system32\occache.dll
2017-12-02 16:19:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-02 16:19:13 ----A---- C:\Windows\system32\msfeeds.dll
2017-12-02 16:19:13 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-12-02 16:19:13 ----A---- C:\Windows\system32\iedkcs32.dll
2017-12-02 16:19:13 ----A---- C:\Windows\system32\dxtrans.dll
2017-12-02 16:19:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-12-02 16:19:12 ----A---- C:\Windows\system32\iesetup.dll
2017-12-02 16:19:12 ----A---- C:\Windows\system32\iertutil.dll
2017-12-02 16:19:12 ----A---- C:\Windows\system32\ieapfltr.dll
2017-12-02 16:19:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-12-02 16:19:11 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-12-02 16:19:11 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-12-02 16:19:11 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-12-02 16:19:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-12-02 16:19:11 ----A---- C:\Windows\system32\vbscript.dll
2017-12-02 16:19:11 ----A---- C:\Windows\system32\rdpcorets.dll
2017-12-02 16:19:11 ----A---- C:\Windows\system32\ieUnatt.exe
2017-12-02 16:19:11 ----A---- C:\Windows\system32\dxtmsft.dll
2017-12-02 16:19:10 ----A---- C:\Windows\system32\webcheck.dll
2017-12-02 16:19:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-12-02 16:19:10 ----A---- C:\Windows\system32\mshtmled.dll
2017-12-02 16:19:10 ----A---- C:\Windows\system32\jscript9diag.dll
2017-12-02 16:19:10 ----A---- C:\Windows\system32\jscript9.dll
2017-12-02 16:19:10 ----A---- C:\Windows\system32\jscript.dll
2017-12-02 16:19:10 ----A---- C:\Windows\system32\ieui.dll
2017-12-02 16:19:10 ----A---- C:\Windows\system32\ieframe.dll
2017-12-02 16:19:09 ----A---- C:\Windows\system32\wininet.dll
2017-12-02 16:19:09 ----A---- C:\Windows\system32\msrating.dll
2017-12-02 16:19:09 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-12-02 16:19:09 ----A---- C:\Windows\system32\jsproxy.dll
2017-12-02 16:19:08 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-12-02 16:19:08 ----A---- C:\Windows\system32\mshtml.dll
2017-12-02 16:19:08 ----A---- C:\Windows\system32\FntCache.dll
2017-12-02 16:19:08 ----A---- C:\Windows\system32\DWrite.dll
2017-12-02 16:19:07 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-12-02 16:19:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-12-02 16:19:07 ----A---- C:\Windows\system32\UIAnimation.dll
2017-12-02 16:19:07 ----A---- C:\Windows\system32\rdpudd.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-12-02 16:19:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\rundll32.exe
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mswdat10.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msrepl40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msjtes40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msjter40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msjetoledb40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msexch40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mmc.exe
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\input.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\cic.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-12-02 16:19:04 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\wer.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\evr.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-12-02 16:19:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\winnsi.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\user.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\pla.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\pdh.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\nsi.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msscp.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mscms.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\MigAutoPlay.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\icm32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\tquery.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-12-02 16:18:57 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-12-02 16:18:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssvp.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssrch.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssprxy.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssphtb.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssph.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssitlb.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\msshooks.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\msscntrs.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wvc.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuwebv.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wups2.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wups.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wudriver.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wucltux.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuaueng.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuauclt.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuapp.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuapi.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WsmSvc.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WsmRes.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WsmAuto.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wpnpinst.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wow64win.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wow64cpu.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wow64.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wlansvc.dll

_________________
Trojan suX hard!
StaY metal!!!


Last edited by SyLeSek on 06 Dec 2017 21:00, edited 1 time in total.

Posted: 06 Dec 2017 20:58
Offline
Model visitor

Joined: 16 Apr 2007 20:01
Posts: 56
2017-12-02 14:00:27 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\odbctrac.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\odbccu32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\odbccr32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\odbccp32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2017-12-02 14:00:26 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2017-12-02 14:00:26 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2017-12-02 14:00:26 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2017-12-02 14:00:26 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2017-12-02 14:00:26 ----A---- C:\Windows\system32\xmllite.dll
2017-12-02 14:00:26 ----A---- C:\Windows\system32\mapistub.dll
2017-12-02 14:00:26 ----A---- C:\Windows\system32\mapi32.dll
2017-12-02 14:00:26 ----A---- C:\Windows\system32\fixmapi.exe
2017-12-02 14:00:25 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2017-12-02 14:00:25 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2017-12-02 14:00:25 ----A---- C:\Windows\system32\schedsvc.dll
2017-12-02 14:00:25 ----A---- C:\Windows\system32\services.exe
2017-12-02 14:00:25 ----A---- C:\Windows\system32\dpnet.dll
2017-12-02 14:00:25 ----A---- C:\Windows\system32\cewmdm.dll
2017-12-02 14:00:24 ----A---- C:\Windows\system32\wwansvc.dll
2017-12-02 14:00:24 ----A---- C:\Windows\system32\wwanprotdim.dll
2017-12-02 14:00:24 ----A---- C:\Windows\system32\drivers\fvevol.sys
2017-12-02 13:59:15 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2017-12-02 13:59:15 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2017-12-02 13:59:15 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2017-12-02 13:59:15 ----A---- C:\Windows\system32\shimeng.dll
2017-12-02 13:59:15 ----A---- C:\Windows\system32\sdbinst.exe
2017-12-02 13:59:15 ----A---- C:\Windows\system32\apphelp.dll
2017-12-02 13:59:15 ----A---- C:\Windows\system32\aelupsvc.dll
2017-12-02 13:59:03 ----A---- C:\Windows\SYSWOW64\winsta.dll
2017-12-02 13:59:03 ----A---- C:\Windows\system32\winsta.dll
2017-12-02 13:59:03 ----A---- C:\Windows\system32\winlogon.exe
2017-12-02 13:59:03 ----A---- C:\Windows\system32\rdrmemptylst.exe
2017-12-02 13:59:03 ----A---- C:\Windows\system32\rdpwsx.dll
2017-12-02 13:59:03 ----A---- C:\Windows\system32\rdpcorekmts.dll
2017-12-02 13:59:03 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2017-12-02 13:58:58 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2017-12-02 13:58:58 ----A---- C:\Windows\system32\d3d11.dll
2017-12-02 13:58:44 ----A---- C:\Windows\SYSWOW64\tbs.dll
2017-12-02 13:58:44 ----A---- C:\Windows\system32\tbs.dll
2017-12-02 13:58:44 ----A---- C:\Windows\system32\fveapibase.dll
2017-12-02 13:58:44 ----A---- C:\Windows\system32\fveapi.dll
2017-12-02 13:58:43 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2017-12-02 13:58:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2017-12-02 13:58:43 ----A---- C:\Windows\system32\msxml6r.dll
2017-12-02 13:58:43 ----A---- C:\Windows\system32\msxml6.dll
2017-12-02 13:58:42 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2017-12-02 13:58:41 ----A---- C:\Windows\SYSWOW64\osk.exe
2017-12-02 13:58:41 ----A---- C:\Windows\system32\osk.exe
2017-12-02 13:58:37 ----A---- C:\Windows\system32\gpsvc.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\polstore.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\winipsec.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\polstore.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\IPSECSVC.DLL
2017-12-02 13:58:36 ----A---- C:\Windows\system32\gpscript.exe
2017-12-02 13:58:36 ----A---- C:\Windows\system32\gpscript.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\gpprefcl.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\gpapi.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2017-12-02 13:58:35 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2017-12-02 13:58:35 ----A---- C:\Windows\system32\wpdshext.dll
2017-12-02 13:58:33 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2017-12-02 13:58:33 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2017-12-02 13:58:33 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2017-12-02 13:58:33 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2017-12-02 13:58:33 ----A---- C:\Windows\system32\nlasvc.dll
2017-12-02 13:58:33 ----A---- C:\Windows\system32\mscorier.dll
2017-12-02 13:58:33 ----A---- C:\Windows\system32\dfshim.dll
2017-12-02 13:58:32 ----A---- C:\Windows\SYSWOW64\mscories.dll
2017-12-02 13:58:32 ----A---- C:\Windows\system32\mscories.dll
2017-12-02 13:58:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2017-12-02 13:58:31 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2017-12-02 13:58:31 ----A---- C:\Windows\system32\iologmsg.dll
2017-12-02 13:58:31 ----A---- C:\Windows\system32\drivers\storport.sys
2017-12-02 13:58:31 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2017-12-02 13:58:30 ----A---- C:\Windows\system32\OxpsConverter.exe
2017-12-02 13:58:28 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2017-12-02 13:58:27 ----A---- C:\Windows\SYSWOW64\notepad.exe
2017-12-02 13:58:27 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2017-12-02 13:58:27 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2017-12-02 13:58:27 ----A---- C:\Windows\system32\notepad.exe
2017-12-02 13:58:27 ----A---- C:\Windows\system32\mfc42u.dll
2017-12-02 13:58:27 ----A---- C:\Windows\system32\mfc42.dll
2017-12-02 13:58:27 ----A---- C:\Windows\notepad.exe
2017-12-02 13:58:26 ----A---- C:\Windows\system32\drivers\hidparse.sys
2017-12-02 13:58:26 ----A---- C:\Windows\system32\drivers\hidclass.sys
2017-12-02 13:58:25 ----A---- C:\Windows\SYSWOW64\wdi.dll
2017-12-02 13:58:25 ----A---- C:\Windows\system32\wdi.dll
2017-12-02 13:58:25 ----A---- C:\Windows\system32\powertracker.dll
2017-12-02 13:58:25 ----A---- C:\Windows\system32\perftrack.dll
2017-12-02 13:58:24 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2017-12-02 13:58:24 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2017-12-02 13:58:24 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2017-12-02 13:58:24 ----A---- C:\Windows\system32\dwmcore.dll
2017-12-02 13:58:24 ----A---- C:\Windows\system32\dwmapi.dll
2017-12-02 13:58:24 ----A---- C:\Windows\system32\comctl32.dll
2017-12-02 13:58:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2017-12-02 13:58:21 ----A---- C:\Windows\SYSWOW64\certenc.dll
2017-12-02 13:58:21 ----A---- C:\Windows\system32\certutil.exe
2017-12-02 13:58:21 ----A---- C:\Windows\system32\certenc.dll
2017-12-02 13:58:17 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2017-12-02 13:58:17 ----A---- C:\Windows\system32\ubpm.dll
2017-12-02 13:58:16 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2017-12-02 13:58:16 ----A---- C:\Windows\system32\wshrm.dll
2017-12-02 13:58:16 ----A---- C:\Windows\system32\drivers\usb8023.sys
2017-12-02 13:58:16 ----A---- C:\Windows\system32\drivers\rmcast.sys
2017-12-02 13:58:16 ----A---- C:\Windows\system32\drivers\disk.sys
2017-12-02 13:58:13 ----A---- C:\Windows\SYSWOW64\mfds.dll
2017-12-02 13:58:13 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2017-12-02 13:58:13 ----A---- C:\Windows\system32\mfds.dll
2017-12-02 13:58:13 ----A---- C:\Windows\system32\imagehlp.dll
2017-12-02 13:58:11 ----A---- C:\Windows\SYSWOW64\qedit.dll
2017-12-02 13:58:11 ----A---- C:\Windows\SYSWOW64\devenum.dll
2017-12-02 13:58:11 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2017-12-02 13:58:11 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2017-12-02 13:58:11 ----A---- C:\Windows\system32\qedit.dll
2017-12-02 13:58:11 ----A---- C:\Windows\system32\devenum.dll
2017-12-02 13:58:11 ----A---- C:\Windows\system32\comsvcs.dll
2017-12-02 13:58:11 ----A---- C:\Windows\system32\catsrvut.dll
2017-12-02 13:58:10 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2017-12-02 13:58:10 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2017-12-02 13:58:10 ----A---- C:\Windows\SYSWOW64\devobj.dll
2017-12-02 13:58:10 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2017-12-02 13:58:10 ----A---- C:\Windows\system32\umpnpmgr.dll
2017-12-02 13:58:09 ----A---- C:\Windows\system32\drivers\partmgr.sys
2017-12-02 13:58:08 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2017-12-02 13:58:07 ----A---- C:\Windows\SYSWOW64\charmap.exe
2017-12-02 13:58:07 ----A---- C:\Windows\system32\profsvc.dll
2017-12-02 13:58:07 ----A---- C:\Windows\system32\charmap.exe
2017-12-02 13:58:05 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2017-12-02 13:58:05 ----A---- C:\Windows\system32\psisdecd.dll
2017-12-02 13:58:05 ----A---- C:\Windows\system32\drivers\ataport.sys
2017-12-02 13:58:04 ----A---- C:\Windows\SYSWOW64\synceng.dll
2017-12-02 13:58:04 ----A---- C:\Windows\system32\synceng.dll
2017-12-02 13:58:04 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2017-12-02 13:58:04 ----A---- C:\Windows\system32\drivers\usbcir.sys
2017-12-02 13:58:03 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2017-12-02 13:58:03 ----A---- C:\Windows\system32\StructuredQuery.dll
2017-12-02 13:58:03 ----A---- C:\Windows\system32\kdusb.dll
2017-12-02 13:58:03 ----A---- C:\Windows\system32\kdcom.dll
2017-12-02 13:58:03 ----A---- C:\Windows\system32\kd1394.dll
2017-12-02 13:58:02 ----A---- C:\Windows\system32\taskhost.exe
2017-12-02 13:58:02 ----A---- C:\Windows\system32\drivers\stream.sys
2017-12-02 13:58:01 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2017-12-02 13:58:01 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2017-12-02 13:58:01 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2017-12-02 13:58:01 ----A---- C:\Windows\system32\ws2_32.dll
2017-12-02 13:58:01 ----A---- C:\Windows\system32\winhttp.dll
2017-12-02 13:58:01 ----A---- C:\Windows\system32\seclogon.dll
2017-12-02 13:58:01 ----A---- C:\Windows\system32\mswsock.dll
2017-12-02 13:57:59 ----A---- C:\Windows\SYSWOW64\rastls.dll
2017-12-02 13:57:59 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2017-12-02 13:57:59 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-12-02 13:57:59 ----A---- C:\Windows\system32\rastls.dll
2017-12-02 13:57:59 ----A---- C:\Windows\system32\drivers\ndis.sys
2017-12-02 13:57:59 ----A---- C:\Windows\system32\dnsrslvr.dll
2017-12-02 13:57:59 ----A---- C:\Windows\system32\dnscacheugc.exe
2017-12-02 13:57:59 ----A---- C:\Windows\system32\dnsapi.dll
2017-12-02 13:56:23 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2017-12-02 13:56:23 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2017-12-02 13:56:23 ----A---- C:\Windows\system32\InkEd.dll
2017-12-02 13:56:23 ----A---- C:\Windows\system32\clfsw32.dll
2017-12-02 13:56:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2017-12-02 13:56:21 ----A---- C:\Windows\system32\oleacc.dll
2017-12-02 13:56:20 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2017-12-02 13:56:20 ----A---- C:\Windows\system32\msvcrt.dll
2017-12-02 13:56:19 ----A---- C:\Windows\SYSWOW64\webio.dll
2017-12-02 13:56:19 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2017-12-02 13:56:19 ----A---- C:\Windows\system32\webio.dll
2017-12-02 13:56:19 ----A---- C:\Windows\system32\scesrv.dll
2017-12-02 13:56:18 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2017-12-02 13:56:18 ----A---- C:\Windows\SYSWOW64\els.dll
2017-12-02 13:56:18 ----A---- C:\Windows\SYSWOW64\browcli.dll
2017-12-02 13:56:18 ----A---- C:\Windows\system32\netapi32.dll
2017-12-02 13:56:18 ----A---- C:\Windows\system32\els.dll
2017-12-02 13:56:18 ----A---- C:\Windows\system32\browser.dll
2017-12-02 13:56:18 ----A---- C:\Windows\system32\browcli.dll
2017-12-02 13:56:17 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2017-12-02 13:56:17 ----A---- C:\Windows\system32\prevhost.exe
2017-12-02 13:56:17 ----A---- C:\Windows\system32\FXSCOVER.exe
2017-12-02 13:56:16 ----A---- C:\Windows\SYSWOW64\wscript.exe
2017-12-02 13:56:16 ----A---- C:\Windows\SYSWOW64\packager.dll
2017-12-02 13:56:16 ----A---- C:\Windows\system32\scrrun.dll
2017-12-02 13:56:16 ----A---- C:\Windows\system32\packager.dll
2017-12-02 13:56:16 ----A---- C:\Windows\system32\cscript.exe
2017-12-02 13:56:15 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2017-12-02 13:56:15 ----A---- C:\Windows\SYSWOW64\cscript.exe
2017-12-02 13:56:15 ----A---- C:\Windows\system32\wscript.exe
2017-12-02 13:55:38 ----D---- C:\Windows\Prefetch
2017-12-02 13:55:32 ----ASH---- C:\pagefile.sys
2017-12-02 13:55:32 ----ASH---- C:\hiberfil.sys
2017-12-02 13:55:31 ----SHD---- C:\System Volume Information
2017-12-02 13:55:14 ----D---- C:\Windows\Panther
2017-12-02 13:48:54 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2017-12-02 13:48:54 ----A---- C:\Windows\system32\poqexec.exe
2017-12-02 13:46:16 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2017-12-02 13:46:16 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2017-12-02 13:46:16 ----A---- C:\Windows\system32\nshwfp.dll
2017-12-02 13:46:16 ----A---- C:\Windows\system32\IKEEXT.DLL
2017-12-02 13:46:16 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2017-12-02 13:41:15 ----D---- C:\Windows\SYSWOW64\NV
2017-12-02 13:41:15 ----D---- C:\Windows\system32\NV
2017-12-02 13:40:28 ----D---- C:\ProgramData\Lenovo
2017-12-02 13:40:28 ----A---- C:\Windows\system32\drivers\AcpiVpc.sys
2017-12-02 13:38:12 ----D---- C:\drivers
2017-12-02 13:37:41 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2017-12-02 13:32:52 ----D---- C:\Program Files (x86)\Microsoft Security Client
2017-12-02 13:32:42 ----D---- C:\Program Files\Microsoft Security Client
2017-12-02 13:31:36 ----D---- C:\Program Files (x86)\AGEIA Technologies
2017-12-02 13:31:34 ----D---- C:\ProgramData\NVIDIA
2017-12-02 13:31:26 ----A---- C:\Windows\SYSWOW64\oemdspif.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvvsvc.exe
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvsvcr.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvsvc64.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvshext.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvmctray.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvcpl.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nv3dappshextr.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nv3dappshext.dll
2017-12-02 13:31:11 ----D---- C:\ProgramData\NVIDIA Corporation
2017-12-02 13:31:07 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-12-02 13:27:47 ----D---- C:\Program Files (x86)\Microsoft.NET
2017-12-02 13:27:29 ----HD---- C:\Windows\system32\WLANProfiles
2017-12-02 13:27:20 ----D---- C:\Users\Lenovo\AppData\Roaming\Intel
2017-12-02 13:27:14 ----D---- C:\ProgramData\Roaming
2017-12-02 13:27:04 ----D---- C:\Program Files\Common Files\Intel
2017-12-02 13:27:04 ----D---- C:\Program Files (x86)\Cisco
2017-12-02 13:27:02 ----D---- C:\ProgramData\Intel.sav
2017-12-02 13:26:43 ----D---- C:\ProgramData\Package Cache
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvumdshimx.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvopencl.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvoglv64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvoglshim64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvinitx.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\NvIFR64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\NvFBC64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2017-12-02 13:26:33 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvdispgenco6433233.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvdispco6433233.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvcuvid.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvcuvenc.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvcuda.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvcompiler.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvapi64.dll
2017-12-02 13:26:25 ----D---- C:\Program Files\NVIDIA Corporation
2017-12-02 13:23:10 ----D---- C:\Program Files (x86)\Dolby Home Theater v4
2017-12-02 13:23:07 ----A---- C:\Windows\SAII_LOG.TXT
2017-12-02 13:22:53 ----A---- C:\Windows\SYSWOW64\SASrv.exe
2017-12-02 13:22:44 ----A---- C:\Windows\system32\drivers\SamSfPa.dat
2017-12-02 13:22:41 ----A---- C:\Windows\system32\CxAudMsg64.exe
2017-12-02 13:22:34 ----D---- C:\Program Files\CONEXANT
2017-12-02 13:22:25 ----D---- C:\ProgramData\Conexant
2017-12-02 13:22:23 ----A---- C:\Windows\system32\UCI64A45.DLL
2017-12-02 13:22:23 ----A---- C:\Windows\system32\FMAPO64.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EEP64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EEL64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EEG64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EED64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EEA64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\drivers\Mixer.ini
2017-12-02 13:22:23 ----A---- C:\Windows\system32\drivers\CHDRT64.sys
2017-12-02 13:22:23 ----A---- C:\Windows\system32\CxPageMaster64.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\CX64BP07.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\CX64AP86.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\CSpkExt64.dll
2017-12-02 13:20:17 ----A---- C:\Windows\SYSWOW64\OpenCL.DLL
2017-12-02 13:20:17 ----A---- C:\Windows\system32\OpenCL.DLL
2017-12-02 13:20:14 ----D---- C:\Program Files (x86)\Google
2017-12-02 13:19:39 ----D---- C:\Program Files\Elantech
2017-12-02 13:19:34 ----A---- C:\Windows\system32\igfxCoIn_v3368.dll
2017-12-02 13:19:33 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2017-12-02 13:19:33 ----A---- C:\Windows\system32\igfxTray.exe
2017-12-02 13:19:33 ----A---- C:\Windows\system32\igfxress.dll
2017-12-02 13:19:32 ----A---- C:\Windows\system32\igdusc64.dll
2017-12-02 13:19:30 ----A---- C:\Windows\system32\igd10iumd64.dll
2017-12-02 13:19:29 ----A---- C:\Windows\system32\hccutils.dll
2017-12-02 13:19:29 ----A---- C:\Windows\system32\GfxRes.dll
2017-12-02 13:19:28 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2017-12-02 13:19:08 ----A---- C:\Windows\system32\drivers\ETD.sys
2017-12-02 13:18:55 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2017-12-02 13:18:52 ----A---- C:\Windows\system32\drivers\USB3Ver.dll
2017-12-02 13:18:49 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2017-12-02 13:18:49 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2017-12-02 13:18:49 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2017-12-02 13:18:39 ----A---- C:\Windows\system32\Wdfres.dll
2017-12-02 13:18:39 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2017-12-02 13:18:29 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2017-12-02 13:18:29 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2017-12-02 13:18:26 ----D---- C:\Users\Lenovo\AppData\Roaming\Intel Corporation
2017-12-02 13:18:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-12-02 13:18:25 ----D---- C:\ProgramData\Intel
2017-12-02 13:18:23 ----D---- C:\Program Files\Intel
2017-12-02 13:18:17 ----SHD---- C:\Windows\Installer
2017-12-02 13:17:50 ----D---- C:\Program Files (x86)\Intel
2017-12-02 13:17:50 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2017-12-02 13:17:27 ----A---- C:\Windows\SYSWOW64\RtCamX.dll
2017-12-02 13:17:27 ----A---- C:\Windows\system32\RtCamX64.dll
2017-12-02 13:17:27 ----A---- C:\Windows\system32\drivers\rtsuvc.sys
2017-12-02 13:17:27 ----A---- C:\Windows\RTFTrack.exe
2017-12-02 13:17:27 ----A---- C:\Windows\RtCamU64.exe
2017-12-02 13:17:14 ----A---- C:\Windows\system32\RTNUninst64.dll
2017-12-02 13:17:14 ----A---- C:\Windows\system32\RtNicProp64.dll
2017-12-02 13:17:14 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2017-12-02 13:16:53 ----D---- C:\Windows\SYSWOW64\sda
2017-12-02 13:16:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-12-02 13:16:48 ----D---- C:\Program Files (x86)\Realtek
2017-12-02 13:16:48 ----A---- C:\Windows\SYSWOW64\RtsUVStoricon.dll
2017-12-02 13:16:48 ----A---- C:\Windows\system32\drivers\RtsUVStor.sys
2017-12-02 13:00:21 ----D---- C:\Users\Lenovo\AppData\Roaming\Identities
2017-12-02 13:00:18 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
2017-12-02 13:00:18 ----D---- C:\Users\Lenovo\AppData\Roaming\Media Center Programs
2017-12-02 13:00:17 ----SHD---- C:\Recovery
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Šablony
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Plocha
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Oblíbené položky
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Nabídka Start
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Dokumenty
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Data aplikací
2017-12-02 13:00:16 ----D---- C:\Windows\SoftwareDistribution


======List of files/folders modified in the last 1 month======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-11-21 632168]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-11-21 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-01-06 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-01-06 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 MpKsl27982ce6;MpKsl27982ce6; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{611B7749-804B-4662-BB13-FD523B9932AE}\MpKsl27982ce6.sys [2017-12-06 58120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2014-01-27 1692376]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-10-17 377608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-01-06 369648]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-01-06 790512]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-17 99288]
R3 NETwNs64;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw02.sys [2014-05-04 3438048]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-08-08 329944]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-08-28 883928]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-10-18 8876248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 ngoomuho;ngoomuho; \??\C:\Windows\system32\drivers\ngoomuho.sys [2017-12-04 72816]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2016-10-18 45048]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2014-03-26 140600]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2014-04-18 1423160]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R) 4.0 a vysokorychlostní (HS) adaptér; C:\Windows\system32\DRIVERS\ibtusb.sys [2014-05-10 192456]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-29 449496]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2014-03-26 1206648]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2014-03-26 1706360]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2014-03-26 1165688]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-17 632048]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-21 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-09 355232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-17 390616]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-01-06 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-18 1914656]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-17 154864]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2014-01-17 3816176]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-02 153168]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-02 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-17 284912]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-12-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

_________________
Trojan suX hard!
StaY metal!!!


Posted: 06 Dec 2017 21:13
Site Admin
Registered: 30 Oct 2003 13:42
Posts: 101506
Location: Plzeň
Hello!
Run this utility:

Quote:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail given above.


Posted: 06 Dec 2017 21:28
Exemplary visitor

Registered: 16 Apr 2007 20:01
Posts: 56
It found nothing; on the first clean it threw a blue screen of death and restarted, on the second everything was OK.

# AdwCleaner 7.0.5.0 - Logfile created on Wed Dec 06 20:27:37 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [952 B] - [2017/12/6 20:23:47]
C:/AdwCleaner/AdwCleaner[S1].txt - [1019 B] - [2017/12/6 20:27:26]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Posted: 06 Dec 2017 22:15
Site Admin
Registered: 30 Oct 2003 13:42
Posts: 101506
Location: Plzeň
This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:

Quote:
:files
C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d2eb8269bf8ed4a7d2fc1e70463c756e.exe

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"d2eb8269bf8ed4a7d2fc1e70463c756e"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"d2eb8269bf8ed4a7d2fc1e70463c756e"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]


and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Posted: 06 Dec 2017 23:52
Exemplary visitor

Registered: 16 Apr 2007 20:01
Posts: 56
It works now, great, thanks a lot; here is the new RSIT log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2017-12-06 23:50:15
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 23 GB (10%) free of 238 GB
Total RAM: 8088 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:50:17, on 6.12.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Lenovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4203416088-688117384-3358250737-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4203416088-688117384-3358250737-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 13 (TeamViewer) - Unknown owner - c:\users\lenovo\appdata\local\temp\teamviewer\TeamViewer_Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 8766 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 29255328
\??\C:\Windows\system32\conhost.exe "-19246423732074784582-674858569-9977911941423701240556155316-1788094537-1770899915
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {45AEAFA3-34CE-4314-AAEE-562B4958F7DC}
"taskhost.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\12062017_234323.log
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.94 --initial-client-data=0xbc,0xc0,0xc4,0xb8,0xc8,0x7feea2b27e8,0x7feea2b27a8,0x7feea2b27b8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4736 --on-initialized-event-handle=340 --parent-handle=344 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=216,3168563303173016657,10796563121786148599,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4264 --gpu-driver-date=8-4-2015 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --service-request-channel-token=572042F001B8DB55FA1A041693E361A6 --mojo-platform-channel-handle=1604 --ignored=" --type=renderer " /prefetch:2
wmiadap.exe /F /T /R
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=216,3168563303173016657,10796563121786148599,131072 --service-pipe-token=B44817167201E56EF3D6B19AADD3542A --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=B44817167201E56EF3D6B19AADD3542A --renderer-client-id=10 --mojo-platform-channel-handle=2960 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-4203416088-688117384-3358250737-10003_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-4203416088-688117384-3358250737-10003 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\Lenovo\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=C:\Windows\RTFTrack.exe [2013-10-18 6340312]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-11-21 36352]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-10-17 2891080]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-08-09 404376]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe []
"Persistence"=C:\Windows\system32\igfxpers.exe []
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-04 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-10-18 1028384]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2014-03-26 7825720]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-01-06 292848]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-12-06 23:48:12 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-12-06 23:43:23 ----D---- C:\_OTM
2017-12-06 21:24:54 ----D---- C:\Windows\Minidump
2017-12-06 21:22:51 ----D---- C:\AdwCleaner
2017-12-06 21:19:13 ----D---- C:\Users\Lenovo\AppData\Roaming\TeamViewer
2017-12-06 20:55:31 ----D---- C:\rsit
2017-12-06 20:55:31 ----D---- C:\Program Files\trend micro
2017-12-04 18:33:21 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2017-12-04 10:34:41 ----D---- C:\Users\Lenovo\AppData\Roaming\vlc
2017-12-04 10:33:55 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2017-12-04 10:33:23 ----D---- C:\Program Files\Adobe
2017-12-04 10:32:47 ----D---- C:\Program Files (x86)\Adobe
2017-12-04 10:31:51 ----D---- C:\Windows\SYSWOW64\Macromed
2017-12-04 10:31:32 ----D---- C:\Program Files\Common Files\Adobe
2017-12-04 10:29:34 ----D---- C:\Users\Lenovo\AppData\Roaming\Macromedia
2017-12-04 10:29:33 ----D---- C:\ProgramData\Adobe
2017-12-04 08:42:24 ----D---- C:\Program Files\VideoLAN
2017-12-04 08:26:06 ----D---- C:\Users\Lenovo\AppData\Roaming\uTorrent
2017-12-03 00:25:30 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2017-12-03 00:25:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-12-03 00:25:25 ----A---- C:\Windows\system32\win32k.sys
2017-12-03 00:25:24 ----A---- C:\Windows\system32\drivers\rdbss.sys
2017-12-03 00:25:23 ----A---- C:\Windows\system32\tzres.dll
2017-12-03 00:25:22 ----A---- C:\Windows\system32\gpedit.dll
2017-12-03 00:21:09 ----D---- C:\Windows\system32\appmgmt
2017-12-02 23:49:21 ----D---- C:\Users\Lenovo\AppData\Roaming\Google
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDYAK.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDTAT.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDRU1.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDRU.DLL
2017-12-02 23:18:18 ----A---- C:\Windows\system32\KBDBASH.DLL
2017-12-02 23:13:50 ----SD---- C:\Windows\system32\CompatTel
2017-12-02 23:13:50 ----D---- C:\Windows\system32\appraiser
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-12-02 16:19:02 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\tquery.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-12-02 16:18:57 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-12-02 16:18:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssvp.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssrch.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssprxy.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssphtb.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssph.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\mssitlb.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\msshooks.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\msscntrs.dll
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-12-02 16:18:57 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wvc.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuwebv.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wups2.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wups.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wudriver.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wucltux.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuaueng.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuauclt.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuapp.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wuapi.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WsmWmiPl.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WsmSvc.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WsmRes.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wsmprovhost.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wsmplpxy.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WsmAuto.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wpnpinst.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wow64win.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wow64cpu.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wow64.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wlansvc.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wlansec.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wlanmsm.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wlanhlp.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wlanapi.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wintrust.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\winsrv.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\winnsi.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\win32spl.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\WebClnt.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wdigest.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\wdc.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\UtcResources.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\usp10.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\user32.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\ucrtbase.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\TSpkg.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\themeui.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\srcore.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\srclient.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\smss.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\schannel.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\shell32.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\shdocvw.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\scavengeui.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\rundll32.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\rstrui.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\rpchttp.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\rpcrt4.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\resmon.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\rdpcore.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\PrintBrmUi.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\plasrv.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\pla.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\perfmon.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\pdhui.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\pdh.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\oleaut32.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\ntvdm64.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\ntprint.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\ntprint.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-12-02 16:18:56 ----A---- C:\Windows\system32\nsisvc.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\nsi.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\msv1_0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\msctf.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\localspl.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\kerberos.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\input.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\inetppui.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\inetpp.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\icaapi.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\srv.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-12-02 16:18:56 ----A---- C:\Windows\system32\drivers\afd.sys
2017-12-02 16:18:56 ----A---- C:\Windows\system32\diagtrack.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\davclnt.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\credssp.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\apisetschema.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-12-02 16:18:56 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-12-02 16:18:55 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\wmploc.DLL
2017-12-02 16:18:55 ----A---- C:\Windows\system32\wmp.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\wmdrmsdk.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\Wldap32.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\WcsPlugInService.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\sspisrv.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\sspicli.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\spwmp.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\secur32.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\rrinstaller.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\ntdll.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\nlsbres.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\netbtugc.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\ncrypt.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msxml3r.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msxml3.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msscp.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msobjs.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msnetobj.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msmmsp.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msinfo32.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msimsg.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msihnd.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msiexec.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msi.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mscms.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\msaudite.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mmcshext.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mmcbase.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mmc.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\MigAutoPlay.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mfps.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mfpmp.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mfplat.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mferror.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\mf.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\lsass.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\lsasrv.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\KernelBase.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\kernel32.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\INETRES.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\inetcomm.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\icm32.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\dxmasf.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drmv2clt.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drmmgrtn.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\netio.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\drivers\cng.sys
2017-12-02 16:18:55 ----A---- C:\Windows\system32\consent.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\cic.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\cdd.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\blackbox.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\auditpol.exe
2017-12-02 16:18:55 ----A---- C:\Windows\system32\asycfilt.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\appinfo.dll
2017-12-02 16:18:55 ----A---- C:\Windows\system32\adtschema.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\wermgr.exe
2017-12-02 16:18:54 ----A---- C:\Windows\system32\werdiagcontroller.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\wer.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\t2embed.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\samsrv.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\samlib.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\quartz.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\qdvd.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\lpk.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-12-02 16:18:54 ----A---- C:\Windows\system32\hlink.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\gdi32.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\fontsub.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\evr.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2017-12-02 16:18:54 ----A---- C:\Windows\system32\drivers\http.sys
2017-12-02 16:18:54 ----A---- C:\Windows\system32\drivers\fastfat.sys
2017-12-02 16:18:54 ----A---- C:\Windows\system32\drivers\exfat.sys
2017-12-02 16:18:54 ----A---- C:\Windows\system32\drivers\dfsc.sys
2017-12-02 16:18:54 ----A---- C:\Windows\system32\dciman32.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\atmlib.dll
2017-12-02 16:18:54 ----A---- C:\Windows\system32\atmfd.dll
2017-12-02 16:18:54 ----A---- C:\Windows\HelpPane.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\winload.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\rpcss.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\Query.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\pcawrk.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\pcasvc.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\pcalua.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\pcaevts.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\pcadm.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\oleres.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\ole32.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\EncDump.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-12-02 16:18:53 ----A---- C:\Windows\system32\drivers\appid.sys
2017-12-02 16:18:53 ----A---- C:\Windows\system32\csrsrv.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\cryptui.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\cryptsvc.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\cryptsp.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\cryptnet.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\cryptbase.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\crypt32.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\conhost.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\comcat.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\clfs.sys
2017-12-02 16:18:53 ----A---- C:\Windows\system32\certcli.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\cdosys.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\bcrypt.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\bcdedit.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\authui.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\audiosrv.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\AudioSes.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\AUDIOKSE.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\AudioEng.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\audiodg.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\appidsvc.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-12-02 16:18:53 ----A---- C:\Windows\system32\appidapi.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\advapi32.dll
2017-12-02 16:18:53 ----A---- C:\Windows\system32\adsmsext.dll
2017-12-02 16:18:52 ----A---- C:\Windows\system32\drivers\bthpan.sys
2017-12-02 16:18:11 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2017-12-02 16:18:11 ----A---- C:\Windows\system32\d3d10warp.dll
2017-12-02 16:18:10 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2017-12-02 16:18:10 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2017-12-02 16:18:10 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2017-12-02 16:18:10 ----A---- C:\Windows\system32\d3d10level9.dll
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\qasf.dll
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2017-12-02 16:18:09 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMVXENCD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMVSENCD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMVSDECD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMVENCOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMVDECOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\wmpmde.dll
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMADMOE.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\WMADMOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\VIDRESZR.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\qasf.dll
2017-12-02 16:18:09 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\msmpeg2adec.dll
2017-12-02 16:18:09 ----A---- C:\Windows\system32\MPG4DECD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\MP4SDECD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\MP43DECD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\MP3DMOD.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2017-12-02 16:18:09 ----A---- C:\Windows\system32\mfvdsp.dll
2017-12-02 16:18:09 ----A---- C:\Windows\system32\mcmde.dll
2017-12-02 16:18:09 ----A---- C:\Windows\system32\ksuser.dll
2017-12-02 16:18:09 ----A---- C:\Windows\system32\drivers\portcls.sys
2017-12-02 16:18:09 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2017-12-02 16:18:09 ----A---- C:\Windows\system32\drivers\drmk.sys
2017-12-02 16:18:09 ----A---- C:\Windows\system32\COLORCNV.DLL
2017-12-02 16:18:08 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2017-12-02 16:18:08 ----A---- C:\Windows\system32\WindowsCodecs.dll
2017-12-02 16:16:53 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll

_________________
Trojan suX hard!
StaY metal!!!

Posted: 06 Dec 2017 23:52
Offline
Exemplary visitor

Registered: 16 Apr 2007 20:01
Posts: 56
2017-12-02 14:16:55 ----A---- C:\Windows\system32\d3d10.dll
2017-12-02 14:13:16 ----A---- C:\Windows\SYSWOW64\wmi.dll
2017-12-02 14:13:16 ----A---- C:\Windows\system32\wmi.dll
2017-12-02 14:13:16 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2017-12-02 14:12:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2017-12-02 14:12:02 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2017-12-02 14:05:27 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2017-12-02 14:05:27 ----A---- C:\Windows\SYSWOW64\icardres.dll
2017-12-02 14:05:27 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2017-12-02 14:05:27 ----A---- C:\Windows\system32\infocardapi.dll
2017-12-02 14:05:27 ----A---- C:\Windows\system32\icardres.dll
2017-12-02 14:05:27 ----A---- C:\Windows\system32\icardagt.exe
2017-12-02 14:05:21 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2017-12-02 14:05:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2017-12-02 14:03:21 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2017-12-02 14:03:21 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2017-12-02 14:03:21 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2017-12-02 14:03:21 ----A---- C:\Windows\system32\kbdgeoqw.dll
2017-12-02 14:03:21 ----A---- C:\Windows\system32\KBDAZEL.DLL
2017-12-02 14:03:21 ----A---- C:\Windows\system32\KBDAZE.DLL
2017-12-02 14:02:23 ----A---- C:\Windows\system32\sysmain.dll
2017-12-02 14:02:14 ----A---- C:\Windows\system32\basesrv.dll
2017-12-02 14:02:08 ----A---- C:\Windows\system32\EncDec.dll
2017-12-02 14:02:08 ----A---- C:\Windows\system32\CPFilters.dll
2017-12-02 14:02:07 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2017-12-02 14:02:07 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2017-12-02 14:01:58 ----A---- C:\Windows\SYSWOW64\tdh.dll
2017-12-02 14:01:58 ----A---- C:\Windows\system32\tdh.dll
2017-12-02 14:01:50 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2017-12-02 14:01:50 ----A---- C:\Windows\SYSWOW64\sechost.dll
2017-12-02 14:01:50 ----A---- C:\Windows\system32\tracerpt.exe
2017-12-02 14:01:50 ----A---- C:\Windows\system32\sechost.dll
2017-12-02 14:01:50 ----A---- C:\Windows\system32\logman.exe
2017-12-02 14:01:49 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2017-12-02 14:01:49 ----A---- C:\Windows\SYSWOW64\relog.exe
2017-12-02 14:01:49 ----A---- C:\Windows\SYSWOW64\logman.exe
2017-12-02 14:01:49 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2017-12-02 14:01:49 ----A---- C:\Windows\system32\typeperf.exe
2017-12-02 14:01:49 ----A---- C:\Windows\system32\relog.exe
2017-12-02 14:01:49 ----A---- C:\Windows\system32\diskperf.exe
2017-12-02 14:01:42 ----A---- C:\Windows\SYSWOW64\objsel.dll
2017-12-02 14:01:42 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2017-12-02 14:01:42 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2017-12-02 14:01:42 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2017-12-02 14:01:42 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2017-12-02 14:01:42 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2017-12-02 14:01:42 ----A---- C:\Windows\system32\wincredprovider.dll
2017-12-02 14:01:42 ----A---- C:\Windows\system32\objsel.dll
2017-12-02 14:01:42 ----A---- C:\Windows\system32\dpapiprovider.dll
2017-12-02 14:01:42 ----A---- C:\Windows\system32\dimsroam.dll
2017-12-02 14:01:42 ----A---- C:\Windows\system32\cngprovider.dll
2017-12-02 14:01:42 ----A---- C:\Windows\system32\capiprovider.dll
2017-12-02 14:01:42 ----A---- C:\Windows\system32\adprovider.dll
2017-12-02 14:01:41 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2017-12-02 14:01:36 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2017-12-02 14:01:36 ----A---- C:\Windows\system32\winresume.exe
2017-12-02 14:01:36 ----A---- C:\Windows\system32\mtxoci.dll
2017-12-02 14:01:36 ----A---- C:\Windows\system32\ci.dll
2017-12-02 14:01:35 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2017-12-02 14:01:31 ----A---- C:\Windows\system32\RMActivate_isv.exe
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\secproc.dll
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2017-12-02 14:01:30 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2017-12-02 14:01:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2017-12-02 14:01:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2017-12-02 14:01:30 ----A---- C:\Windows\system32\secproc_isv.dll
2017-12-02 14:01:30 ----A---- C:\Windows\system32\secproc.dll
2017-12-02 14:01:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2017-12-02 14:01:30 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2017-12-02 14:01:30 ----A---- C:\Windows\system32\RMActivate.exe
2017-12-02 14:01:30 ----A---- C:\Windows\system32\msdrm.dll
2017-12-02 14:01:28 ----A---- C:\Windows\SYSWOW64\netevent.dll
2017-12-02 14:01:28 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2017-12-02 14:01:28 ----A---- C:\Windows\system32\nlaapi.dll
2017-12-02 14:01:28 ----A---- C:\Windows\system32\netevent.dll
2017-12-02 14:01:28 ----A---- C:\Windows\system32\netcorehc.dll
2017-12-02 14:01:28 ----A---- C:\Windows\system32\ncsi.dll
2017-12-02 14:01:28 ----A---- C:\Windows\system32\iphlpsvc.dll
2017-12-02 14:01:20 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2017-12-02 14:01:20 ----A---- C:\Windows\system32\pku2u.dll
2017-12-02 14:01:04 ----A---- C:\Windows\SYSWOW64\explorer.exe
2017-12-02 14:01:04 ----A---- C:\Windows\explorer.exe
2017-12-02 14:01:01 ----A---- C:\Windows\system32\termsrv.dll
2017-12-02 14:00:57 ----A---- C:\Windows\SYSWOW64\gameux.dll
2017-12-02 14:00:57 ----A---- C:\Windows\system32\Wpc.dll
2017-12-02 14:00:57 ----A---- C:\Windows\system32\gameux.dll
2017-12-02 14:00:56 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2017-12-02 14:00:36 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2017-12-02 14:00:36 ----A---- C:\Windows\system32\TSWorkspace.dll
2017-12-02 14:00:35 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2017-12-02 14:00:35 ----A---- C:\Windows\system32\ntshrui.dll
2017-12-02 14:00:34 ----A---- C:\Windows\SYSWOW64\sbe.dll
2017-12-02 14:00:34 ----A---- C:\Windows\system32\sbe.dll
2017-12-02 14:00:33 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2017-12-02 14:00:33 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2017-12-02 14:00:33 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2017-12-02 14:00:33 ----A---- C:\Windows\system32\dhcpcore6.dll
2017-12-02 14:00:32 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2017-12-02 14:00:32 ----A---- C:\Windows\system32\cryptdlg.dll
2017-12-02 14:00:29 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2017-12-02 14:00:29 ----A---- C:\Windows\SYSWOW64\credui.dll
2017-12-02 14:00:29 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2017-12-02 14:00:29 ----A---- C:\Windows\system32\credui.dll
2017-12-02 14:00:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2017-12-02 14:00:28 ----A---- C:\Windows\system32\msieftp.dll
2017-12-02 14:00:27 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2017-12-02 14:00:27 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\odbctrac.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\odbccu32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\odbccr32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\odbccp32.dll
2017-12-02 14:00:27 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2017-12-02 14:00:26 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2017-12-02 14:00:26 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2017-12-02 14:00:26 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2017-12-02 14:00:26 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2017-12-02 14:00:26 ----A---- C:\Windows\system32\xmllite.dll
2017-12-02 14:00:26 ----A---- C:\Windows\system32\mapistub.dll
2017-12-02 14:00:26 ----A---- C:\Windows\system32\mapi32.dll
2017-12-02 14:00:26 ----A---- C:\Windows\system32\fixmapi.exe
2017-12-02 14:00:25 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2017-12-02 14:00:25 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2017-12-02 14:00:25 ----A---- C:\Windows\system32\schedsvc.dll
2017-12-02 14:00:25 ----A---- C:\Windows\system32\services.exe
2017-12-02 14:00:25 ----A---- C:\Windows\system32\dpnet.dll
2017-12-02 14:00:25 ----A---- C:\Windows\system32\cewmdm.dll
2017-12-02 14:00:24 ----A---- C:\Windows\system32\wwansvc.dll
2017-12-02 14:00:24 ----A---- C:\Windows\system32\wwanprotdim.dll
2017-12-02 14:00:24 ----A---- C:\Windows\system32\drivers\fvevol.sys
2017-12-02 13:59:15 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2017-12-02 13:59:15 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2017-12-02 13:59:15 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2017-12-02 13:59:15 ----A---- C:\Windows\system32\shimeng.dll
2017-12-02 13:59:15 ----A---- C:\Windows\system32\sdbinst.exe
2017-12-02 13:59:15 ----A---- C:\Windows\system32\apphelp.dll
2017-12-02 13:59:15 ----A---- C:\Windows\system32\aelupsvc.dll
2017-12-02 13:59:03 ----A---- C:\Windows\SYSWOW64\winsta.dll
2017-12-02 13:59:03 ----A---- C:\Windows\system32\winsta.dll
2017-12-02 13:59:03 ----A---- C:\Windows\system32\winlogon.exe
2017-12-02 13:59:03 ----A---- C:\Windows\system32\rdrmemptylst.exe
2017-12-02 13:59:03 ----A---- C:\Windows\system32\rdpwsx.dll
2017-12-02 13:59:03 ----A---- C:\Windows\system32\rdpcorekmts.dll
2017-12-02 13:59:03 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2017-12-02 13:58:58 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2017-12-02 13:58:58 ----A---- C:\Windows\system32\d3d11.dll
2017-12-02 13:58:44 ----A---- C:\Windows\SYSWOW64\tbs.dll
2017-12-02 13:58:44 ----A---- C:\Windows\system32\tbs.dll
2017-12-02 13:58:44 ----A---- C:\Windows\system32\fveapibase.dll
2017-12-02 13:58:44 ----A---- C:\Windows\system32\fveapi.dll
2017-12-02 13:58:43 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2017-12-02 13:58:43 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2017-12-02 13:58:43 ----A---- C:\Windows\system32\msxml6r.dll
2017-12-02 13:58:43 ----A---- C:\Windows\system32\msxml6.dll
2017-12-02 13:58:42 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2017-12-02 13:58:41 ----A---- C:\Windows\SYSWOW64\osk.exe
2017-12-02 13:58:41 ----A---- C:\Windows\system32\osk.exe
2017-12-02 13:58:37 ----A---- C:\Windows\system32\gpsvc.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\polstore.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\gpscript.exe
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\gpscript.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\gpprefcl.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2017-12-02 13:58:36 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\winipsec.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\polstore.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\IPSECSVC.DLL
2017-12-02 13:58:36 ----A---- C:\Windows\system32\gpscript.exe
2017-12-02 13:58:36 ----A---- C:\Windows\system32\gpscript.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\gpprefcl.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\gpapi.dll
2017-12-02 13:58:36 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2017-12-02 13:58:35 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2017-12-02 13:58:35 ----A---- C:\Windows\system32\wpdshext.dll
2017-12-02 13:58:33 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2017-12-02 13:58:33 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2017-12-02 13:58:33 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2017-12-02 13:58:33 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2017-12-02 13:58:33 ----A---- C:\Windows\system32\nlasvc.dll
2017-12-02 13:58:33 ----A---- C:\Windows\system32\mscorier.dll
2017-12-02 13:58:33 ----A---- C:\Windows\system32\dfshim.dll
2017-12-02 13:58:32 ----A---- C:\Windows\SYSWOW64\mscories.dll
2017-12-02 13:58:32 ----A---- C:\Windows\system32\mscories.dll
2017-12-02 13:58:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2017-12-02 13:58:31 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2017-12-02 13:58:31 ----A---- C:\Windows\system32\iologmsg.dll
2017-12-02 13:58:31 ----A---- C:\Windows\system32\drivers\storport.sys
2017-12-02 13:58:31 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2017-12-02 13:58:30 ----A---- C:\Windows\system32\OxpsConverter.exe
2017-12-02 13:58:28 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2017-12-02 13:58:27 ----A---- C:\Windows\SYSWOW64\notepad.exe
2017-12-02 13:58:27 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2017-12-02 13:58:27 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2017-12-02 13:58:27 ----A---- C:\Windows\system32\notepad.exe
2017-12-02 13:58:27 ----A---- C:\Windows\system32\mfc42u.dll
2017-12-02 13:58:27 ----A---- C:\Windows\system32\mfc42.dll
2017-12-02 13:58:27 ----A---- C:\Windows\notepad.exe
2017-12-02 13:58:26 ----A---- C:\Windows\system32\drivers\hidparse.sys
2017-12-02 13:58:26 ----A---- C:\Windows\system32\drivers\hidclass.sys
2017-12-02 13:58:25 ----A---- C:\Windows\SYSWOW64\wdi.dll
2017-12-02 13:58:25 ----A---- C:\Windows\system32\wdi.dll
2017-12-02 13:58:25 ----A---- C:\Windows\system32\powertracker.dll
2017-12-02 13:58:25 ----A---- C:\Windows\system32\perftrack.dll
2017-12-02 13:58:24 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2017-12-02 13:58:24 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2017-12-02 13:58:24 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2017-12-02 13:58:24 ----A---- C:\Windows\system32\dwmcore.dll
2017-12-02 13:58:24 ----A---- C:\Windows\system32\dwmapi.dll
2017-12-02 13:58:24 ----A---- C:\Windows\system32\comctl32.dll
2017-12-02 13:58:21 ----A---- C:\Windows\SYSWOW64\certutil.exe
2017-12-02 13:58:21 ----A---- C:\Windows\SYSWOW64\certenc.dll
2017-12-02 13:58:21 ----A---- C:\Windows\system32\certutil.exe
2017-12-02 13:58:21 ----A---- C:\Windows\system32\certenc.dll
2017-12-02 13:58:17 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2017-12-02 13:58:17 ----A---- C:\Windows\system32\ubpm.dll
2017-12-02 13:58:16 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2017-12-02 13:58:16 ----A---- C:\Windows\system32\wshrm.dll
2017-12-02 13:58:16 ----A---- C:\Windows\system32\drivers\usb8023.sys
2017-12-02 13:58:16 ----A---- C:\Windows\system32\drivers\rmcast.sys
2017-12-02 13:58:16 ----A---- C:\Windows\system32\drivers\disk.sys
2017-12-02 13:58:13 ----A---- C:\Windows\SYSWOW64\mfds.dll
2017-12-02 13:58:13 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2017-12-02 13:58:13 ----A---- C:\Windows\system32\mfds.dll
2017-12-02 13:58:13 ----A---- C:\Windows\system32\imagehlp.dll
2017-12-02 13:58:11 ----A---- C:\Windows\SYSWOW64\qedit.dll
2017-12-02 13:58:11 ----A---- C:\Windows\SYSWOW64\devenum.dll
2017-12-02 13:58:11 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2017-12-02 13:58:11 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2017-12-02 13:58:11 ----A---- C:\Windows\system32\qedit.dll
2017-12-02 13:58:11 ----A---- C:\Windows\system32\devenum.dll
2017-12-02 13:58:11 ----A---- C:\Windows\system32\comsvcs.dll
2017-12-02 13:58:11 ----A---- C:\Windows\system32\catsrvut.dll
2017-12-02 13:58:10 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2017-12-02 13:58:10 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2017-12-02 13:58:10 ----A---- C:\Windows\SYSWOW64\devobj.dll
2017-12-02 13:58:10 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2017-12-02 13:58:10 ----A---- C:\Windows\system32\umpnpmgr.dll
2017-12-02 13:58:09 ----A---- C:\Windows\system32\drivers\partmgr.sys
2017-12-02 13:58:08 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2017-12-02 13:58:07 ----A---- C:\Windows\SYSWOW64\charmap.exe
2017-12-02 13:58:07 ----A---- C:\Windows\system32\profsvc.dll
2017-12-02 13:58:07 ----A---- C:\Windows\system32\charmap.exe
2017-12-02 13:58:05 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2017-12-02 13:58:05 ----A---- C:\Windows\system32\psisdecd.dll
2017-12-02 13:58:05 ----A---- C:\Windows\system32\drivers\ataport.sys
2017-12-02 13:58:04 ----A---- C:\Windows\SYSWOW64\synceng.dll
2017-12-02 13:58:04 ----A---- C:\Windows\system32\synceng.dll
2017-12-02 13:58:04 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2017-12-02 13:58:04 ----A---- C:\Windows\system32\drivers\usbcir.sys
2017-12-02 13:58:03 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2017-12-02 13:58:03 ----A---- C:\Windows\system32\StructuredQuery.dll
2017-12-02 13:58:03 ----A---- C:\Windows\system32\kdusb.dll
2017-12-02 13:58:03 ----A---- C:\Windows\system32\kdcom.dll
2017-12-02 13:58:03 ----A---- C:\Windows\system32\kd1394.dll
2017-12-02 13:58:02 ----A---- C:\Windows\system32\taskhost.exe
2017-12-02 13:58:02 ----A---- C:\Windows\system32\drivers\stream.sys
2017-12-02 13:58:01 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2017-12-02 13:58:01 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2017-12-02 13:58:01 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2017-12-02 13:58:01 ----A---- C:\Windows\system32\ws2_32.dll
2017-12-02 13:58:01 ----A---- C:\Windows\system32\winhttp.dll
2017-12-02 13:58:01 ----A---- C:\Windows\system32\seclogon.dll
2017-12-02 13:58:01 ----A---- C:\Windows\system32\mswsock.dll
2017-12-02 13:57:59 ----A---- C:\Windows\SYSWOW64\rastls.dll
2017-12-02 13:57:59 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2017-12-02 13:57:59 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2017-12-02 13:57:59 ----A---- C:\Windows\system32\rastls.dll
2017-12-02 13:57:59 ----A---- C:\Windows\system32\drivers\ndis.sys
2017-12-02 13:57:59 ----A---- C:\Windows\system32\dnsrslvr.dll
2017-12-02 13:57:59 ----A---- C:\Windows\system32\dnscacheugc.exe
2017-12-02 13:57:59 ----A---- C:\Windows\system32\dnsapi.dll
2017-12-02 13:56:23 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2017-12-02 13:56:23 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2017-12-02 13:56:23 ----A---- C:\Windows\system32\InkEd.dll
2017-12-02 13:56:23 ----A---- C:\Windows\system32\clfsw32.dll
2017-12-02 13:56:21 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2017-12-02 13:56:21 ----A---- C:\Windows\system32\oleacc.dll
2017-12-02 13:56:20 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2017-12-02 13:56:20 ----A---- C:\Windows\system32\msvcrt.dll
2017-12-02 13:56:19 ----A---- C:\Windows\SYSWOW64\webio.dll
2017-12-02 13:56:19 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2017-12-02 13:56:19 ----A---- C:\Windows\system32\webio.dll
2017-12-02 13:56:19 ----A---- C:\Windows\system32\scesrv.dll
2017-12-02 13:56:18 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2017-12-02 13:56:18 ----A---- C:\Windows\SYSWOW64\els.dll
2017-12-02 13:56:18 ----A---- C:\Windows\SYSWOW64\browcli.dll
2017-12-02 13:56:18 ----A---- C:\Windows\system32\netapi32.dll
2017-12-02 13:56:18 ----A---- C:\Windows\system32\els.dll
2017-12-02 13:56:18 ----A---- C:\Windows\system32\browser.dll
2017-12-02 13:56:18 ----A---- C:\Windows\system32\browcli.dll
2017-12-02 13:56:17 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2017-12-02 13:56:17 ----A---- C:\Windows\system32\prevhost.exe
2017-12-02 13:56:17 ----A---- C:\Windows\system32\FXSCOVER.exe
2017-12-02 13:56:16 ----A---- C:\Windows\SYSWOW64\wscript.exe
2017-12-02 13:56:16 ----A---- C:\Windows\SYSWOW64\packager.dll
2017-12-02 13:56:16 ----A---- C:\Windows\system32\scrrun.dll
2017-12-02 13:56:16 ----A---- C:\Windows\system32\packager.dll
2017-12-02 13:56:16 ----A---- C:\Windows\system32\cscript.exe
2017-12-02 13:56:15 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2017-12-02 13:56:15 ----A---- C:\Windows\SYSWOW64\cscript.exe
2017-12-02 13:56:15 ----A---- C:\Windows\system32\wscript.exe
2017-12-02 13:55:38 ----D---- C:\Windows\Prefetch
2017-12-02 13:55:32 ----ASH---- C:\pagefile.sys
2017-12-02 13:55:32 ----ASH---- C:\hiberfil.sys
2017-12-02 13:55:31 ----SHD---- C:\System Volume Information
2017-12-02 13:55:14 ----D---- C:\Windows\Panther
2017-12-02 13:48:54 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2017-12-02 13:48:54 ----A---- C:\Windows\system32\poqexec.exe
2017-12-02 13:46:16 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2017-12-02 13:46:16 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2017-12-02 13:46:16 ----A---- C:\Windows\system32\nshwfp.dll
2017-12-02 13:46:16 ----A---- C:\Windows\system32\IKEEXT.DLL
2017-12-02 13:46:16 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2017-12-02 13:41:15 ----D---- C:\Windows\SYSWOW64\NV
2017-12-02 13:41:15 ----D---- C:\Windows\system32\NV
2017-12-02 13:40:28 ----D---- C:\ProgramData\Lenovo
2017-12-02 13:40:28 ----A---- C:\Windows\system32\drivers\AcpiVpc.sys
2017-12-02 13:38:12 ----D---- C:\drivers
2017-12-02 13:37:41 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2017-12-02 13:32:52 ----D---- C:\Program Files (x86)\Microsoft Security Client
2017-12-02 13:32:42 ----D---- C:\Program Files\Microsoft Security Client
2017-12-02 13:31:36 ----D---- C:\Program Files (x86)\AGEIA Technologies
2017-12-02 13:31:34 ----D---- C:\ProgramData\NVIDIA
2017-12-02 13:31:26 ----A---- C:\Windows\SYSWOW64\oemdspif.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvvsvc.exe
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvsvcr.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvsvc64.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvshext.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvmctray.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nvcpl.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nv3dappshextr.dll
2017-12-02 13:31:26 ----A---- C:\Windows\system32\nv3dappshext.dll
2017-12-02 13:31:11 ----D---- C:\ProgramData\NVIDIA Corporation
2017-12-02 13:31:07 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-12-02 13:27:47 ----D---- C:\Program Files (x86)\Microsoft.NET
2017-12-02 13:27:29 ----HD---- C:\Windows\system32\WLANProfiles
2017-12-02 13:27:20 ----D---- C:\Users\Lenovo\AppData\Roaming\Intel
2017-12-02 13:27:14 ----D---- C:\ProgramData\Roaming
2017-12-02 13:27:04 ----D---- C:\Program Files\Common Files\Intel
2017-12-02 13:27:04 ----D---- C:\Program Files (x86)\Cisco
2017-12-02 13:27:02 ----D---- C:\ProgramData\Intel.sav
2017-12-02 13:26:43 ----D---- C:\ProgramData\Package Cache
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-12-02 13:26:33 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvumdshimx.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvopencl.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvoglv64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvoglshim64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvinitx.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\NvIFR64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\NvFBC64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2017-12-02 13:26:33 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2017-12-02 13:26:33 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-12-02 13:26:32 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvdispgenco6433233.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvdispco6433233.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvcuvid.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvcuvenc.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvcuda.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvcompiler.dll
2017-12-02 13:26:32 ----A---- C:\Windows\system32\nvapi64.dll
2017-12-02 13:26:25 ----D---- C:\Program Files\NVIDIA Corporation
2017-12-02 13:23:10 ----D---- C:\Program Files (x86)\Dolby Home Theater v4
2017-12-02 13:23:07 ----A---- C:\Windows\SAII_LOG.TXT
2017-12-02 13:22:53 ----A---- C:\Windows\SYSWOW64\SASrv.exe
2017-12-02 13:22:44 ----A---- C:\Windows\system32\drivers\SamSfPa.dat
2017-12-02 13:22:41 ----A---- C:\Windows\system32\CxAudMsg64.exe
2017-12-02 13:22:34 ----D---- C:\Program Files\CONEXANT
2017-12-02 13:22:25 ----D---- C:\ProgramData\Conexant
2017-12-02 13:22:23 ----A---- C:\Windows\system32\UCI64A45.DLL
2017-12-02 13:22:23 ----A---- C:\Windows\system32\FMAPO64.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EEP64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EEL64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EEG64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EED64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\EEA64A.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\drivers\Mixer.ini
2017-12-02 13:22:23 ----A---- C:\Windows\system32\drivers\CHDRT64.sys
2017-12-02 13:22:23 ----A---- C:\Windows\system32\CxPageMaster64.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\CX64BP07.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\CX64AP86.dll
2017-12-02 13:22:23 ----A---- C:\Windows\system32\CSpkExt64.dll
2017-12-02 13:20:17 ----A---- C:\Windows\SYSWOW64\OpenCL.DLL
2017-12-02 13:20:17 ----A---- C:\Windows\system32\OpenCL.DLL
2017-12-02 13:20:14 ----D---- C:\Program Files (x86)\Google
2017-12-02 13:19:39 ----D---- C:\Program Files\Elantech
2017-12-02 13:19:34 ----A---- C:\Windows\system32\igfxCoIn_v3368.dll
2017-12-02 13:19:33 ----A---- C:\Windows\SYSWOW64\igfxdv32.dll
2017-12-02 13:19:33 ----A---- C:\Windows\system32\igfxTray.exe
2017-12-02 13:19:33 ----A---- C:\Windows\system32\igfxress.dll
2017-12-02 13:19:32 ----A---- C:\Windows\system32\igdusc64.dll
2017-12-02 13:19:30 ----A---- C:\Windows\system32\igd10iumd64.dll
2017-12-02 13:19:29 ----A---- C:\Windows\system32\hccutils.dll
2017-12-02 13:19:29 ----A---- C:\Windows\system32\GfxRes.dll
2017-12-02 13:19:28 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2017-12-02 13:19:08 ----A---- C:\Windows\system32\drivers\ETD.sys
2017-12-02 13:18:55 ----A---- C:\Windows\system32\drivers\IntelMEFWVer.dll
2017-12-02 13:18:52 ----A---- C:\Windows\system32\drivers\USB3Ver.dll
2017-12-02 13:18:49 ----A---- C:\Windows\system32\drivers\iusb3xhc.sys
2017-12-02 13:18:49 ----A---- C:\Windows\system32\drivers\iusb3hub.sys
2017-12-02 13:18:49 ----A---- C:\Windows\system32\drivers\iusb3hcs.sys
2017-12-02 13:18:39 ----A---- C:\Windows\system32\Wdfres.dll
2017-12-02 13:18:39 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2017-12-02 13:18:29 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2017-12-02 13:18:29 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2017-12-02 13:18:26 ----D---- C:\Users\Lenovo\AppData\Roaming\Intel Corporation
2017-12-02 13:18:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-12-02 13:18:25 ----D---- C:\ProgramData\Intel
2017-12-02 13:18:23 ----D---- C:\Program Files\Intel
2017-12-02 13:18:17 ----SHD---- C:\Windows\Installer
2017-12-02 13:17:50 ----D---- C:\Program Files (x86)\Intel
2017-12-02 13:17:50 ----A---- C:\Windows\SYSWOW64\CSVer.dll
2017-12-02 13:17:27 ----A---- C:\Windows\SYSWOW64\RtCamX.dll
2017-12-02 13:17:27 ----A---- C:\Windows\system32\RtCamX64.dll
2017-12-02 13:17:27 ----A---- C:\Windows\system32\drivers\rtsuvc.sys
2017-12-02 13:17:27 ----A---- C:\Windows\RTFTrack.exe
2017-12-02 13:17:27 ----A---- C:\Windows\RtCamU64.exe
2017-12-02 13:17:14 ----A---- C:\Windows\system32\RTNUninst64.dll
2017-12-02 13:17:14 ----A---- C:\Windows\system32\RtNicProp64.dll
2017-12-02 13:17:14 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2017-12-02 13:16:53 ----D---- C:\Windows\SYSWOW64\sda
2017-12-02 13:16:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-12-02 13:16:48 ----D---- C:\Program Files (x86)\Realtek
2017-12-02 13:16:48 ----A---- C:\Windows\SYSWOW64\RtsUVStoricon.dll
2017-12-02 13:16:48 ----A---- C:\Windows\system32\drivers\RtsUVStor.sys
2017-12-02 13:00:21 ----D---- C:\Users\Lenovo\AppData\Roaming\Identities
2017-12-02 13:00:18 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
2017-12-02 13:00:18 ----D---- C:\Users\Lenovo\AppData\Roaming\Media Center Programs
2017-12-02 13:00:17 ----SHD---- C:\Recovery
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Šablony
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Plocha
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Oblíbené položky
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Nabídka Start
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Dokumenty
2017-12-02 13:00:17 ----SHD---- C:\ProgramData\Data aplikací
2017-12-02 13:00:16 ----D---- C:\Windows\SoftwareDistribution

======List of files/folders modified in the last 1 month======

2017-12-06 23:50:09 ----D---- C:\Windows\Temp
2017-12-06 23:49:56 ----D---- C:\Windows\System32
2017-12-06 23:49:56 ----D---- C:\Windows\inf
2017-12-06 23:49:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-06 23:47:48 ----D---- C:\Windows\system32\config
2017-12-06 23:45:55 ----D---- C:\Windows\system32\wdi
2017-12-06 23:44:48 ----D---- C:\Windows\system32\drivers
2017-12-06 21:25:18 ----D---- C:\Windows
2017-12-06 21:24:49 ----D---- C:\Windows\SysWOW64
2017-12-06 20:55:31 ----RD---- C:\Program Files
2017-12-06 17:29:17 ----D---- C:\Windows\winsxs
2017-12-06 17:15:27 ----D---- C:\Windows\system32\NDF
2017-12-04 18:33:21 ----RD---- C:\Program Files (x86)
2017-12-04 12:10:24 ----D---- C:\Windows\rescache
2017-12-04 10:33:55 ----HD---- C:\ProgramData
2017-12-04 10:33:11 ----RSD---- C:\Windows\Fonts
2017-12-04 10:31:32 ----D---- C:\Program Files\Common Files
2017-12-04 10:29:33 ----D---- C:\Program Files (x86)\Common Files
2017-12-04 09:11:29 ----D---- C:\Program Files\Common Files\Microsoft Shared
2017-12-04 08:12:59 ----D---- C:\Windows\AppCompat
2017-12-03 00:46:19 ----D---- C:\Windows\system32\catroot2
2017-12-03 00:40:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-12-03 00:40:48 ----D---- C:\Windows\system32\cs-CZ
2017-12-02 23:13:52 ----D---- C:\Windows\SYSWOW64\migwiz
2017-12-02 23:13:52 ----D---- C:\Windows\SYSWOW64\migration
2017-12-02 23:13:52 ----D---- C:\Windows\SYSWOW64\en-US
2017-12-02 23:13:52 ----D---- C:\Windows\SYSWOW64\Dism
2017-12-02 23:13:52 ----D---- C:\Program Files\Windows Media Player
2017-12-02 23:13:52 ----D---- C:\Program Files\Internet Explorer
2017-12-02 23:13:52 ----D---- C:\Program Files\DVD Maker
2017-12-02 23:13:52 ----D---- C:\Program Files (x86)\Windows Media Player
2017-12-02 23:13:52 ----D---- C:\Program Files (x86)\Internet Explorer
2017-12-02 23:13:51 ----D---- C:\Windows\system32\migwiz
2017-12-02 23:13:51 ----D---- C:\Windows\system32\migration
2017-12-02 23:13:51 ----D---- C:\Windows\system32\en-US
2017-12-02 23:13:51 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-12-02 23:13:51 ----D---- C:\Windows\system32\Dism
2017-12-02 23:13:51 ----D---- C:\Windows\PolicyDefinitions
2017-12-02 23:13:51 ----D---- C:\Windows\AppPatch
2017-12-02 23:13:50 ----D---- C:\Windows\system32\wbem
2017-12-02 23:13:50 ----D---- C:\Windows\system32\Boot
2017-12-02 23:13:48 ----D---- C:\Windows\system32\DriverStore
2017-12-02 23:08:14 ----D---- C:\Windows\Microsoft.NET
2017-12-02 16:51:27 ----D---- C:\Windows\Logs
2017-12-02 16:24:26 ----RSD---- C:\Windows\assembly
2017-12-02 16:23:07 ----D---- C:\Windows\system32\catroot
2017-12-02 16:08:24 ----D---- C:\Windows\system32\CodeIntegrity
2017-12-02 16:08:24 ----D---- C:\Windows\ehome
2017-12-02 16:08:24 ----D---- C:\Program Files\Common Files\System
2017-12-02 16:08:23 ----D---- C:\Windows\SYSWOW64\wbem
2017-12-02 16:08:23 ----D---- C:\Windows\system32\drivers\en-US
2017-12-02 16:08:22 ----D---- C:\Windows\tracing
2017-12-02 16:08:22 ----D---- C:\Windows\system32\AdvancedInstallers
2017-12-02 16:08:22 ----D---- C:\Program Files (x86)\Windows Defender
2017-12-02 16:08:21 ----D---- C:\Program Files\Windows Defender
2017-12-02 16:08:20 ----SD---- C:\ProgramData\Microsoft
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\zh-TW
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\zh-HK
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\zh-CN
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\tr-TR
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\sv-SE
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\ru-RU
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\pt-PT
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\pt-BR
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\nl-NL
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\nb-NO
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\ko-KR
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\ja-JP
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\it-IT
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\fr-FR
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\fi-FI
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\es-ES
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\el-GR
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\de-DE
2017-12-02 16:08:19 ----D---- C:\Windows\SYSWOW64\da-DK
2017-12-02 16:08:19 ----D---- C:\Windows\system32\zh-TW
2017-12-02 16:08:19 ----D---- C:\Windows\system32\zh-HK
2017-12-02 16:08:19 ----D---- C:\Windows\system32\zh-CN
2017-12-02 16:08:19 ----D---- C:\Windows\system32\tr-TR
2017-12-02 16:08:19 ----D---- C:\Windows\system32\sv-SE
2017-12-02 16:08:19 ----D---- C:\Windows\system32\ru-RU
2017-12-02 16:08:19 ----D---- C:\Windows\system32\pt-PT
2017-12-02 16:08:19 ----D---- C:\Windows\system32\pt-BR
2017-12-02 16:08:19 ----D---- C:\Windows\system32\pl-PL
2017-12-02 16:08:19 ----D---- C:\Windows\system32\nl-NL
2017-12-02 16:08:19 ----D---- C:\Windows\system32\nb-NO
2017-12-02 16:08:19 ----D---- C:\Windows\system32\ko-KR
2017-12-02 16:08:19 ----D---- C:\Windows\system32\ja-JP
2017-12-02 16:08:19 ----D---- C:\Windows\system32\it-IT
2017-12-02 16:08:19 ----D---- C:\Windows\system32\hu-HU
2017-12-02 16:08:19 ----D---- C:\Windows\system32\fr-FR
2017-12-02 16:08:19 ----D---- C:\Windows\system32\fi-FI
2017-12-02 16:08:19 ----D---- C:\Windows\system32\es-ES
2017-12-02 16:08:19 ----D---- C:\Windows\system32\el-GR
2017-12-02 16:08:19 ----D---- C:\Windows\system32\de-DE
2017-12-02 16:08:19 ----D---- C:\Windows\system32\da-DK
2017-12-02 15:34:37 ----D---- C:\Windows\debug
2017-12-02 13:56:20 ----D---- C:\Windows\system32\sysprep
2017-12-02 13:55:38 ----D---- C:\Windows\CSC
2017-12-02 13:33:54 ----D---- C:\Windows\Tasks
2017-12-02 13:31:33 ----RD---- C:\Users
2017-12-02 13:31:25 ----D---- C:\Windows\Help
2017-12-02 13:28:34 ----D---- C:\Windows\system32\Tasks
2017-12-02 13:17:39 ----D---- C:\Windows\twain_32
2017-12-02 13:16:49 ----D---- C:\Windows\system32\restore
2017-12-02 13:01:24 ----D---- C:\Windows\system32\drivers\UMDF
2017-12-02 13:00:20 ----SHD---- C:\$Recycle.Bin
2017-12-02 13:00:17 ----D---- C:\Program Files\Windows NT
2017-11-20 21:32:23 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-11-21 632168]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-11-21 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-01-06 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-01-06 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2014-01-27 1692376]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-10-17 377608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-09 4928256]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-01-06 369648]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-01-06 790512]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-17 99288]
R3 NETwNs64;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw02.sys [2014-05-04 3438048]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-08-08 329944]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-08-28 883928]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-10-18 8876248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2016-10-18 45048]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2014-03-26 140600]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2014-04-18 1423160]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R) 4.0 a vysokorychlostní (HS) adaptér; C:\Windows\system32\DRIVERS\ibtusb.sys [2014-05-10 192456]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-29 449496]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2014-03-26 1206648]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2014-03-26 1706360]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2014-03-26 1165688]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-17 632048]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-21 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-09 355232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-17 390616]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-01-06 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-18 1914656]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-17 154864]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2014-01-17 3816176]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-02 153168]
S2 TeamViewer;TeamViewer 13; c:\users\lenovo\appdata\local\temp\teamviewer\TeamViewer_Service.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-09 288688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-02 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-17 284912]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-12-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

_________________
Trojan suX hard!
StaY metal!!!


Posted: 06 Dec 2017 23:54
Model visitor

Registered: 16 Apr 2007 20:01
Posts: 56
Here is also the log from OTM:
All processes killed
========== FILES ==========
File move failed. C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d2eb8269bf8ed4a7d2fc1e70463c756e.exe scheduled to be moved on reboot.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\d2eb8269bf8ed4a7d2fc1e70463c756e not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\d2eb8269bf8ed4a7d2fc1e70463c756e deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lenovo
->Temp folder emptied: 285261303 bytes
->Temporary Internet Files folder emptied: 2040070 bytes
->Google Chrome cache emptied: 183589409 bytes
->Flash cache emptied: 343 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19001279 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 4836040773 bytes

Total Files Cleaned = 5 079,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Lenovo
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 12062017_234323

Files moved on Reboot...
File C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\d2eb8269bf8ed4a7d2fc1e70463c756e.exe not found!
C:\Users\Lenovo\AppData\Local\Temp\TeamViewer\TeamViewer13_Logfile.log moved successfully.
File C:\Users\Lenovo\AppData\Local\Temp\TeamViewer\TVFile2.bak_2017-12-06-22-31-49.tmp not found!
C:\Users\Lenovo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\Users\Lenovo\AppData\Local\Temp\SSScheduler.exe not found!
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\8D223DAA-DAD0-445C-853E-0EF902DDAAA2128c.1d36b6a8021d133\nisfull.vdm scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Posted: 07 Dec 2017 22:19
Site Admin

Registered: 30 Oct 2003 13:42
Posts: 101506
Location: Plzeň
OK. Has anything changed?

_________________
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

