
Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


#1 Post by Malc »

Hello!
I was helped here a few years ago, so I remembered this place now that I have the feeling my notebook is slowing down.

I am posting the log below. Apart from that, I am dealing with a problem: although I have a Kaspersky license, Windows Defender keeps starting and I don't know how to turn it off.

Also, in case an admin reads this: I tried to recover the forgotten password for my old e-mail address and got "e-mail address not found". Yet the same address cannot be registered again.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Malcolm at 2017-09-27 10:07:40
Microsoft Windows 10 Home
System drive C: has 21 GB (8%) free of 243 GB
Total RAM: 8088 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:07:46, on 27.09.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Users\Malcolm\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\trend micro\Malcolm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus15.msn.com/?pc=ASTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O3 - Toolbar: Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Bonus.SSR.FR12] "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Malcolm\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Spotify] C:\Users\Malcolm\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKCU\..\Run: [WallpaperEngine] "C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe" -silent
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Malcolm\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus GiftBox Desktop (ASUSGiftBoxDekstop) - ASUS - C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Kaspersky Anti-Virus Service 17.0.0 (AVP17.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem89.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem95.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) WiDi Software Asset Manager (Intel(R) WiDi SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: IntelUSBoverIP - Intel - C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: WPS Office Update Service (Kingsoft_WPS_UpdateService) - Zhuhai Kingsoft Office Software Co.,Ltd - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe
O23 - Service: Kaspersky Secure Connection Service 1.0.0 (KSDE1.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16100 bytes

======Listing Processes======









c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
winlogon.exe
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"dwm.exe"
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-35aaa5e4-fd54-4cf8-9841-e8845f5a847c -SystemEventPortName:HostProcess-e4577706-541e-4f11-9f3f-39db1aa83a6a -IoCancelEventPortName:HostProcess-e89db69e-d697-4c37-bbcb-309866b29cc1 -NonStateChangingEventPortName:HostProcess-caad6db3-6fbc-493a-adb9-d162feba8a49 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d0d95bb3-ecc2-494f-8a30-67009ad97fa5 -DeviceGroupId:
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s BthHFSrv
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f6cd4038-6179-40f7-a969-f84265b93d67 -SystemEventPortName:HostProcess-d09c6081-1bb0-44e1-8253-2176b13b10d8 -IoCancelEventPortName:HostProcess-7a142578-ffcb-4b6d-9d0e-b1990f05ab07 -NonStateChangingEventPortName:HostProcess-87997ed3-ddd2-48ef-8b4c-e41e079152e9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:89ea08d3-3d69-440f-83f3-8b964b60e350 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SensorService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
C:\WINDOWS\system32\WLANExt.exe 2017201707760
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe"
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe" -r
C:\Windows\system32\CxAudMsg64.exe
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\SysWOW64\esif_uf.exe
C:\WINDOWS\system32\ibtsiva
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
"C:\Windows\system32\SAsrv.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
"C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe"
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
/QuitInfo:00000000000001FC;0000000000000200;
/loadhooks /Parent:00000000000023e8
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe" -hidden
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Users\Malcolm\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files\Conexant\SAII\SmartAudio.exe" /c
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe" -hidden
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -s wlidsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Malcolm\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Malcolm\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x208,0x20c,0x210,0x204,0x214,0x7ff9903d1988,0x7ff9903d1948,0x7ff9903d1958
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=12472 --on-initialized-event-handle=560 --parent-handle=616 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,23,27,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x1916 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=21.20.16.4550 --gpu-driver-date=11-11-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1347 --service-request-channel-token=99F51356A232A565249D167D68A6FABC --mojo-platform-channel-handle=1480 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=CCF630BD03AFE71E3972F2670EF2634E --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=CCF630BD03AFE71E3972F2670EF2634E --renderer-client-id=7 --mojo-platform-channel-handle=8844 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=4F0576D0B331DA8615BEF90D239ADD50 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=4F0576D0B331DA8615BEF90D239ADD50 --renderer-client-id=5 --mojo-platform-channel-handle=6664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=7B3A1841BBB7E1754A5B31FCE0322DB3 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=7B3A1841BBB7E1754A5B31FCE0322DB3 --renderer-client-id=9 --mojo-platform-channel-handle=9244 /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
c:\windows\system32\svchost.exe -k localservice -s PhoneSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=E946A563B9EABE3C253840D077370D2E --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=E946A563B9EABE3C253840D077370D2E --renderer-client-id=41 --mojo-platform-channel-handle=3556 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -s BITS
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Malcolm\AppData\Local\Steam\htmlcache" "-steampid=11356" "-buildid=1504757234" "-steamid=0" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Malcolm\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\Malcolm\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x318,0x31c,0x320,0x314,0x324,0x66e681e4,0x66e681f4,0x66e68204
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-blink-features=ResizeObserver --enable-pinch --service-pipe-token=5F95AF605367D931CF85D03CECA624E9 --lang=en-US --lang=cs-CZ --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --disable-spell-checking --buildid=1504757234 --steamid=0 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=5F95AF605367D931CF85D03CECA624E9 --renderer-client-id=3 --mojo-platform-channel-handle=3260 /prefetch:1
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s QWAVE
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=3F007C0D90142CBC31A27902E2BC1DB0 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=3F007C0D90142CBC31A27902E2BC1DB0 --renderer-client-id=235 --mojo-platform-channel-handle=14856 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=29F55A59E1B502A9C15C4D5C43656B46 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=29F55A59E1B502A9C15C4D5C43656B46 --renderer-client-id=294 --mojo-platform-channel-handle=10252 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=8ED69405E58DB531B19F06A44BC642ED --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=8ED69405E58DB531B19F06A44BC642ED --renderer-client-id=350 --mojo-platform-channel-handle=14852 /prefetch:1
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
dashost.exe {f4234914-a1d2-4a79-8dcb252cf4a55498}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=2485341C19FFBB412F44142FADD798EE --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=2485341C19FFBB412F44142FADD798EE --renderer-client-id=577 --mojo-platform-channel-handle=15664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1412,3940788954331455814,10170784351529826521,131072 --service-pipe-token=34EBF8544C8ED352D44A10D0A1809C6D --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=34EBF8544C8ED352D44A10D0A1809C6D --renderer-client-id=585 --mojo-platform-channel-handle=6228 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x708
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Malcolm\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\WpsNotifyTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe -from=task
C:\WINDOWS\tasks\WpsUpdateTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe -from=task

=========Mozilla firefox=========

ProfilePath - C:\Users\Malcolm\AppData\Roaming\Mozilla\Firefox\Profiles\e8dpe1ox.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.4.24\coFFAddon\
"light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll


C:\Users\Malcolm\AppData\Roaming\Mozilla\Firefox\Profiles\e8dpe1ox.default\extensions\
{a00bef25-f21a-4539-adbb-b179b29e2b92}

C:\Users\Malcolm\AppData\Roaming\Mozilla\Firefox\Profiles\e8dpe1ox.default\searchplugins\
firmycz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-02-10 1253736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-22 210120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-22 3226824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-02-10 1028968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-22 149704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-22 2178248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-02-10 1253736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{093F479D-712E-46CD-9E06-62E734A05F68} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-02-10 1028968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2015-06-10 599896]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2015-12-17 241152]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-05-03 1893496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Malcolm\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-22 1686736]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-09-07 3071776]
"Rainlendar2"=C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2015-11-13 2739240]
"Spotify"=C:\Users\Malcolm\AppData\Roaming\Spotify\Spotify.exe [2017-09-15 20644976]
"WallpaperEngine"=C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [2017-09-20 1733096]
"Spotify Web Helper"=C:\Users\Malcolm\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-09-15 777840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Bonus.SSR.FR12"=C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [2016-01-05 1472312]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=24

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

Malc
Visitor
Posts: 4
Registered: 26 Sep 2017 16:52

Re: Preventive check

#2 Post by Malc »

======List of files/folders created in the last 1 month======

2017-09-27 10:07:40 ----D---- C:\rsit
2017-09-27 10:07:40 ----D---- C:\Program Files\trend micro
2017-09-15 03:36:03 ----D---- C:\Users\Malcolm\AppData\Roaming\ArcadeGameSeries
2017-09-13 18:30:50 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2017-09-13 18:30:50 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-09-13 18:30:49 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2017-09-13 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-09-13 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-09-13 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-09-13 18:30:48 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-09-13 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-09-13 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-09-13 18:30:47 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-09-13 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-09-13 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-13 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2017-09-13 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-09-13 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-09-13 18:30:46 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2017-09-13 18:30:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-09-13 18:30:45 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-09-13 18:30:45 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-09-13 18:30:45 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-09-13 18:30:45 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-09-13 18:30:45 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-09-13 18:30:44 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-09-13 18:30:44 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-09-13 18:30:44 ----A---- C:\WINDOWS\SYSWOW64\RstrtMgr.dll
2017-09-13 18:30:44 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-09-13 18:30:44 ----A---- C:\WINDOWS\SYSWOW64\CredentialUIBroker.exe
2017-09-13 18:30:44 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-09-13 18:30:43 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-09-13 18:30:43 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-09-13 18:30:43 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-09-13 18:30:43 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-09-13 18:30:43 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-09-13 18:30:42 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-09-13 18:30:42 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-09-13 18:30:42 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-09-13 18:30:41 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-09-13 18:30:41 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys
2017-09-13 18:30:40 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2017-09-13 18:30:40 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-09-13 18:30:40 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2017-09-13 18:30:40 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2017-09-13 18:30:40 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2017-09-13 18:30:40 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2017-09-13 18:30:40 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2017-09-13 18:30:40 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-09-13 18:30:40 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-09-13 18:30:40 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\wisp.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\tbs.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\rasplap.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\dinput8.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-09-13 18:30:39 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2017-09-13 18:30:39 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2017-09-13 18:30:39 ----A---- C:\WINDOWS\system32\BthHFSrv.dll
2017-09-13 18:30:38 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-09-13 18:30:38 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2017-09-13 18:30:38 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2017-09-13 18:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2017-09-13 18:30:37 ----A---- C:\WINDOWS\SYSWOW64\shdocvw.dll
2017-09-13 18:30:37 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2017-09-13 18:30:37 ----A---- C:\WINDOWS\SYSWOW64\ntprint.exe
2017-09-13 18:30:37 ----A---- C:\WINDOWS\SYSWOW64\dinput.dll
2017-09-13 18:30:37 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-09-13 18:30:37 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-13 18:30:34 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-09-13 18:30:33 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-09-13 18:30:33 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-09-13 18:30:31 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-09-13 18:30:31 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-09-13 18:30:31 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-09-13 18:30:30 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-09-13 18:30:29 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-13 18:30:29 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-13 18:30:29 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-09-13 18:30:29 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-09-13 18:30:28 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 18:30:28 ----A---- C:\WINDOWS\system32\ngcrecovery.dll
2017-09-13 18:30:28 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2017-09-13 18:30:28 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2017-09-13 18:30:27 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-09-13 18:30:27 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 18:30:26 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-09-13 18:30:26 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-09-13 18:30:26 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-09-13 18:30:25 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2017-09-13 18:30:25 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-09-13 18:30:25 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-09-13 18:30:25 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-09-13 18:30:24 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-09-13 18:30:24 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-09-13 18:30:24 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-09-13 18:30:24 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-09-13 18:30:24 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-09-13 18:30:23 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-09-13 18:30:23 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-09-13 18:30:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-09-13 18:30:22 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-13 18:30:22 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-09-13 18:30:22 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-09-13 18:30:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-09-13 18:30:22 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 18:30:22 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2017-09-13 18:30:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-09-13 18:30:20 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-09-13 18:30:20 ----A---- C:\WINDOWS\system32\offreg.dll
2017-09-13 18:30:20 ----A---- C:\WINDOWS\system32\localspl.dll
2017-09-13 18:30:20 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-09-13 18:30:20 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-09-13 18:30:20 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-09-13 18:30:18 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 18:30:18 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-09-13 18:30:18 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-13 18:30:18 ----A---- C:\WINDOWS\system32\nettrace.dll
2017-09-13 18:30:18 ----A---- C:\WINDOWS\system32\msvproc.dll
2017-09-13 18:30:18 ----A---- C:\WINDOWS\system32\mfps.dll
2017-09-13 18:30:18 ----A---- C:\WINDOWS\system32\mfds.dll
2017-09-13 18:30:17 ----A---- C:\WINDOWS\system32\SEMgrPS.dll
2017-09-13 18:30:17 ----A---- C:\WINDOWS\system32\rasplap.dll
2017-09-13 18:30:17 ----A---- C:\WINDOWS\system32\rasgcw.dll
2017-09-13 18:30:17 ----A---- C:\WINDOWS\system32\rasdlg.dll
2017-09-13 18:30:17 ----A---- C:\WINDOWS\system32\ntprint.dll
2017-09-13 18:30:17 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2017-09-13 18:30:17 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-09-13 18:30:17 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2017-09-13 18:30:16 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-09-13 18:30:16 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-09-13 18:30:16 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-09-13 18:30:16 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 18:30:16 ----A---- C:\WINDOWS\system32\spoolsv.exe
2017-09-13 18:30:16 ----A---- C:\WINDOWS\system32\ntprint.exe
2017-09-13 18:30:16 ----A---- C:\WINDOWS\system32\inetpp.dll
2017-09-13 18:30:16 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 18:30:16 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 18:30:15 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-09-13 18:30:15 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-09-13 18:30:15 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-09-13 18:30:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-09-13 18:30:14 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 18:30:14 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-09-13 18:30:14 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-09-13 18:30:14 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-09-13 18:30:14 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-09-13 18:30:14 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-09-13 18:30:14 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 18:30:13 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-09-13 18:30:13 ----A---- C:\WINDOWS\system32\wer.dll
2017-09-13 18:30:13 ----A---- C:\WINDOWS\system32\wc_storage.dll
2017-09-13 18:30:13 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-09-13 18:30:13 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-09-13 18:30:13 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-09-13 18:30:13 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 18:30:12 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 18:30:11 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-09-13 18:30:11 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-13 18:30:11 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-09-13 18:30:10 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2017-09-13 18:30:10 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2017-09-13 18:30:10 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2017-09-13 18:30:10 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-09-13 18:30:10 ----A---- C:\WINDOWS\system32\datamarketsvc.dll
2017-09-13 18:30:10 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2017-09-13 18:30:09 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 18:30:09 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 18:30:09 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-09-13 18:30:09 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-09-13 18:30:09 ----A---- C:\WINDOWS\system32\OpcServices.dll
2017-09-13 18:30:09 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 18:30:08 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 18:30:07 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 18:30:06 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-09-13 18:30:06 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-09-13 18:30:06 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-13 18:30:06 ----A---- C:\WINDOWS\system32\NotificationController.dll
2017-09-13 18:30:05 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-13 18:30:05 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-09-13 18:30:05 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 18:30:05 ----A---- C:\WINDOWS\system32\msIso.dll
2017-09-13 18:30:05 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-09-13 18:30:04 ----A---- C:\WINDOWS\system32\twinui.dll
2017-09-13 18:30:04 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 18:30:04 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-09-13 18:30:04 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-13 18:30:04 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 18:30:03 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 18:30:03 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-09-13 18:30:03 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 18:30:02 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-13 18:30:02 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-09-13 18:30:02 ----A---- C:\WINDOWS\system32\wininet.dll
2017-09-13 18:30:02 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 18:30:02 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-09-13 18:30:02 ----A---- C:\WINDOWS\system32\combase.dll
2017-09-13 18:30:02 ----A---- C:\WINDOWS\explorer.exe
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\werui.dll
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-09-13 18:30:01 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-13 18:30:00 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-09-13 18:30:00 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-09-13 18:30:00 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-09-13 18:30:00 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-09-13 18:30:00 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-13 18:30:00 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-13 18:29:59 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-09-13 18:29:59 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-09-13 18:29:59 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2017-09-13 18:29:59 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-09-13 18:29:59 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-09-13 18:29:59 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-09-13 18:29:59 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-09-13 18:29:59 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-09-13 18:29:58 ----A---- C:\WINDOWS\system32\shell32.dll
2017-09-13 18:29:57 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-09-13 18:29:57 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-09-13 18:29:57 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-09-13 18:29:56 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-09-13 18:29:56 ----A---- C:\WINDOWS\system32\wpx.dll
2017-09-13 18:29:56 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 18:29:56 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 18:29:56 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-09-13 18:29:56 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-09-13 18:29:55 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 18:29:55 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-13 18:29:55 ----A---- C:\WINDOWS\system32\rascustom.dll
2017-09-13 18:29:55 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-09-13 18:29:55 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 18:29:54 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-09-13 18:29:54 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 18:29:54 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 18:29:54 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-09-13 18:29:53 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-09-13 18:29:53 ----A---- C:\WINDOWS\system32\wevtapi.dll
2017-09-13 18:29:53 ----A---- C:\WINDOWS\system32\user32.dll
2017-09-13 18:29:53 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 18:29:53 ----A---- C:\WINDOWS\system32\SHCore.dll
2017-09-13 18:29:53 ----A---- C:\WINDOWS\system32\propsys.dll
2017-09-13 18:29:53 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 18:29:53 ----A---- C:\WINDOWS\system32\httpprxm.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\wisp.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\win32u.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\tdh.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\tbs.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\setupapi.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\PhoneService.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\nltest.exe
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\dinput8.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\csplte.dll
2017-09-13 18:29:52 ----A---- C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\wups.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\win32k.sys
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\srpapi.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\shdocvw.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\rasman.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\dinput.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\dab.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\authz.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\appinfo.dll
2017-09-13 18:29:51 ----A---- C:\WINDOWS\system32\appidapi.dll
2017-09-01 17:23:59 ----D---- C:\Users\Malcolm\AppData\Roaming\WildTangent
2017-09-01 16:59:25 ----SHD---- C:\AI_RecycleBin
2017-09-01 01:07:18 ----D---- C:\Users\Malcolm\AppData\Roaming\The Creative Assembly

======List of files/folders modified in the last 1 month======

2017-09-27 10:07:40 ----RD---- C:\Program Files
2017-09-27 10:01:00 ----D---- C:\WINDOWS\system32\sru
2017-09-27 09:32:47 ----D---- C:\WINDOWS\Temp
2017-09-27 09:24:46 ----D---- C:\ProgramData\Kaspersky Lab
2017-09-27 09:11:02 ----D---- C:\WINDOWS\Prefetch
2017-09-27 09:04:17 ----D---- C:\WINDOWS\system32\SleepStudy
2017-09-26 20:10:14 ----D---- C:\Program Files (x86)\Steam
2017-09-26 17:43:26 ----D---- C:\WINDOWS\INF
2017-09-26 17:27:42 ----SHD---- C:\System Volume Information
2017-09-26 17:26:02 ----D---- C:\WINDOWS\system32\Tasks
2017-09-26 17:20:24 ----RD---- C:\WINDOWS\Microsoft.NET
2017-09-26 17:16:26 ----D---- C:\WINDOWS\System32
2017-09-26 17:16:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-26 17:16:11 ----SHD---- C:\WINDOWS\Installer
2017-09-26 17:16:11 ----D---- C:\WINDOWS\Tasks
2017-09-26 17:15:54 ----D---- C:\Users\Malcolm\AppData\Roaming\Riot Games
2017-09-26 17:10:27 ----D---- C:\Users\Malcolm\AppData\Roaming\Spotify
2017-09-26 17:10:15 ----D---- C:\ProgramData\ASUS Smart Gesture
2017-09-26 17:10:09 ----D---- C:\ProgramData\NVIDIA
2017-09-26 17:09:28 ----D---- C:\WINDOWS\system32\catroot2
2017-09-26 17:03:14 ----D---- C:\WINDOWS\AppReadiness
2017-09-26 17:03:00 ----HD---- C:\Program Files\WindowsApps
2017-09-23 15:29:08 ----D---- C:\WINDOWS\system32\config
2017-09-23 14:24:56 ----RSD---- C:\WINDOWS\assembly
2017-09-23 14:24:18 ----D---- C:\WINDOWS\WinSxS
2017-09-23 14:24:18 ----D---- C:\WINDOWS\system32\DriverStore
2017-09-23 14:21:59 ----D---- C:\WINDOWS\rescache
2017-09-22 15:57:18 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-09-22 15:37:59 ----D---- C:\WINDOWS\system32\drivers
2017-09-22 15:37:13 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-09-22 15:37:13 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-09-22 15:37:12 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-09-22 15:37:12 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-09-22 15:37:12 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-09-22 15:37:12 ----D---- C:\WINDOWS\SysWOW64
2017-09-22 15:37:09 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-09-22 15:37:09 ----D---- C:\WINDOWS\system32\wbem
2017-09-22 15:37:09 ----D---- C:\WINDOWS\system32\setup
2017-09-22 15:37:08 ----SD---- C:\WINDOWS\system32\F12
2017-09-22 15:37:08 ----D---- C:\WINDOWS\system32\en-US
2017-09-22 15:37:08 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-09-22 15:37:08 ----D---- C:\WINDOWS\system32\cs-CZ
2017-09-22 15:37:08 ----D---- C:\WINDOWS\system32\cs
2017-09-22 15:37:05 ----D---- C:\WINDOWS\ShellExperiences
2017-09-22 15:37:02 ----D---- C:\Windows
2017-09-22 15:37:02 ----D---- C:\Program Files\Windows Photo Viewer
2017-09-22 15:37:02 ----D---- C:\Program Files\Windows Mail
2017-09-22 15:37:02 ----D---- C:\Program Files\Internet Explorer
2017-09-22 15:37:02 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-09-22 15:37:02 ----D---- C:\Program Files (x86)\Windows Mail
2017-09-22 15:37:02 ----D---- C:\Program Files (x86)\Internet Explorer
2017-09-22 15:36:43 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-09-22 15:36:28 ----D---- C:\Program Files (x86)\Common Files
2017-09-17 19:03:23 ----D---- C:\Users\Malcolm\AppData\Roaming\uTorrent
2017-09-13 18:35:49 ----D---- C:\WINDOWS\system32\MRT
2017-09-13 18:34:10 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-09-13 18:32:03 ----D---- C:\WINDOWS\CbsTemp
2017-09-13 13:10:26 ----D---- C:\Users\Malcolm\AppData\Roaming\MPC-HC
2017-09-13 01:02:07 ----D---- C:\WINDOWS\system32\Macromed
2017-09-13 01:02:06 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-09-08 03:54:27 ----D---- C:\WINDOWS\system32\NDF
2017-09-06 15:27:29 ----D---- C:\WINDOWS\debug
2017-09-06 14:13:47 ----D---- C:\WINDOWS\Logs
2017-09-02 17:15:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-09-01 17:24:00 ----RD---- C:\Program Files (x86)
2017-09-01 17:24:00 ----D---- C:\ProgramData\WildTangent
2017-09-01 17:22:58 ----D---- C:\Program Files (x86)\ASUS
2017-09-01 17:20:29 ----D---- C:\Users\Malcolm\AppData\Roaming\DAEMON Tools Lite
2017-09-01 17:20:28 ----D---- C:\Users\Malcolm\AppData\Roaming\TS3Client
2017-09-01 17:19:33 ----DC---- C:\WINDOWS\Panther
2017-09-01 17:19:32 ----D---- C:\WINDOWS\LiveKernelReports
2017-09-01 17:12:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-01 16:39:32 ----AD---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\WINDOWS\system32\DRIVERS\cm_km.sys [2016-06-10 238936]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-08-10 1462720]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2016-06-02 554416]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [2016-06-08 63920]
R0 klupd_klif_arkmon;klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [2017-04-27 229288]
R0 klupd_klif_klbg;klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [2017-04-27 112912]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [2016-06-15 86352]
R1 klhk;@oem30.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\WINDOWS\System32\drivers\klhk.sys [2017-07-19 520152]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2017-07-19 1021624]
R1 KLIM6;@oem52.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys [2017-05-09 57424]
R1 klpd;Kaspersky Lab format recognizer driver; C:\WINDOWS\system32\DRIVERS\klpd.sys [2016-06-01 45488]
R1 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [2016-06-18 85320]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\WINDOWS\system32\DRIVERS\klwtp.sys [2017-03-13 136416]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2017-07-19 199640]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 kldisk;kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [2016-06-01 78216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R3 acpials;@sensorsalsdriver.inf,%kbfiltr.SvcDesc%;ALS Sensor Filter; C:\WINDOWS\System32\drivers\acpials.sys [2017-03-20 12288]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R3 ATP;@oem7.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-12-14 98296]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-03-18 181248]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-07-28 105472]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\System32\drivers\BthHfAud.sys [2017-03-18 47104]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-07-28 97280]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-05 130560]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 CnxtHdAudService;@oem98.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-08-19 1554552]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2015-08-17 55816]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2015-08-17 53752]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2015-08-17 261624]
R3 HIDSwitch;@oem72.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 ibtusb;@oem95.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-10-15 250624]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igdkmd64.sys [2016-11-30 11039712]
R3 IntcDAud;@oem19.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-10-07 822248]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2017-07-19 197312]
R3 klids;klids; \??\C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [2017-09-26 186696]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2016-05-19 52136]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2015-06-07 41656]
R3 kltap;@oem64.inf,%DeviceDescription%;Kaspersky Security Data Escort Adapter; C:\WINDOWS\System32\drivers\kltap.sys [2016-06-07 52152]
R3 klupd_klif_kimul;klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [2017-03-14 87584]
R3 klupd_klif_klark;klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [2017-04-27 251656]
R3 klupd_klif_mark;klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [2017-04-27 173144]
R3 MEIx64;@oem66.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-08-31 185088]
R3 Netwtw04;@oem55.inf,%NIC_Service_DispName_WINT_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [2016-12-19 7918840]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [2016-12-12 14200880]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-05-03 48248]
R3 nvvhci;@oem20.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-05-03 57976]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-08-01 180736]
R3 SensorsAlsDriver;@sensorsalsdriver.inf,%WudfSensorsAlsDriverDisplayName%;UMDF Reflector service for SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-03-18 220672]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2016-03-31 28792]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-07-28 982016]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dtlitescsibus;@oem61.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-01-30 30264]
S3 dtliteusbbus;@oem67.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-01-30 47672]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 GeneStor;Genesys Logic Storage Driver; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [2015-07-15 115704]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-03 30328]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 rtux64w10;@rtux64w10.inf,%Rtlunic.Service.DispName%;Realtek USB FE/GbE NIC Family Windows 10 64-bit Driver; C:\WINDOWS\System32\drivers\rtux64w10.sys [2017-03-18 348672]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-07 123704]
R2 ASUSGiftBoxDekstop;Asus GiftBox Desktop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [2015-06-12 313488]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 AVP17.0.0;Kaspersky Anti-Virus Service 17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [2016-06-28 241544]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_5484a;Uživatelská služba platformy připojených zařízení_5484a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-09-08 4424392]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CxAudMsg;Conexant Audio Message Service; C:\Windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 esifsvc;@oem89.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2015-08-17 1385640]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-11-29 640928]
R2 ibtsiva;@oem95.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe [2016-11-30 341984]
R2 IntelUSBoverIP;IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [2015-07-06 396992]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-09-04 207648]
R2 KSDE1.0.0;Kaspersky Secure Connection Service 1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [2016-06-28 241544]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-09-04 415520]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-11 459832]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-05-03 450168]
R2 OneSyncSvc_5484a;Hostitel synchronizace_5484a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-11-29 157600]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\syswow64\SAsrv.exe [2015-04-17 427224]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-07 336320]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_5484a;Data kontaktů_5484a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-01 153752]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 Kingsoft_WPS_UpdateService;WPS Office Update Service; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [2015-08-15 133480]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe [2016-11-30 301536]
S3 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe [2016-11-30 480224]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_5484a;Tok zařízení_5484a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-01 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) WiDi SAM;Intel(R) WiDi Software Asset Manager; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-08-12 18152]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [2016-06-28 77328]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_5484a;Služba zasílání zpráv_5484a; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-08-24 175568]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-11-29 268704]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-08 213704]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S4 ABBYY.Licensing.FineReader.Professional.12.0;ABBYY FineReader 12 PE Licensing Service; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [2014-01-23 925904]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

Roli
VIP
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Preventive check

#3 Post by Roli »

Hello,

Disable Windows Defender in the Security Center.


Press the Windows + R keys to open the Run window >> type services.msc >> Enter. Find the service:

Google Update Service (gupdate)
Google Update Service (gupdatem)
Cyberlink RichVideo64 Service


A double-click opens its properties sheet, where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.



Delete unnecessary files

using CCleaner

guide:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download and run AdwCleaner,

close all programs including the browser and launch it with a double-click,

a window appears; click Scan at the top left.

When the scan finishes, click Clean,

the PC will restart, during which the junk is deleted.

Afterwards, copy the Report here for me.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
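How the RSIT service lines earlier in this thread can be read mechanically, as an added example that is not part of any post here and is not RSIT's own code. It decodes the state and start-type prefix from the log's legend line and lists auto-start services whose binary lies outside `C:\WINDOWS`; that path test is an assumption of this example for separating third-party from OS services, not a malware verdict.

```python
import re
from typing import NamedTuple, Optional

# Start-type digits, as decoded in the log's own legend line.
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# Layout: <R|S><0-4> <name>;<display name>; <binary path> [<date> <size>]
# The display name may itself contain ';', so it is matched greedily.
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*); "
    r"(?P<path>.*?) \[(?P<stamp>[^\]]*)\]$"
)

class Entry(NamedTuple):
    running: bool
    start: str
    name: str
    display: str
    path: str
    size: Optional[int]  # None when the log shows empty brackets

def parse_line(line: str) -> Optional[Entry]:
    m = LINE_RE.match(line.strip())
    if m is None:
        return None  # headings, blank lines, EOF marker
    path = m["path"]
    if path.startswith("\\??\\"):  # NT path prefix seen on some driver lines
        path = path[4:]
    stamp = m["stamp"].split()
    size = int(stamp[1]) if len(stamp) == 2 else None
    return Entry(m["state"] == "R", START_TYPES[m["start"]],
                 m["name"], m["display"], path, size)

def outside_windows(e: Entry) -> bool:
    # Assumption of this example: OS components live under C:\WINDOWS.
    return not e.path.lower().startswith("c:\\windows\\")

def triage(log_text: str) -> dict:
    entries = [e for e in map(parse_line, log_text.splitlines()) if e]
    return {
        "auto_outside_windows": [e.name for e in entries
                                 if e.start == "Auto" and outside_windows(e)],
        "no_file_info": [e.name for e in entries if e.size is None],
    }

# Lines copied from the log posted in this thread.
SAMPLE = r"""======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 esifsvc;@oem89.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2015-08-17 1385640]
R2 ibtsiva;@oem95.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-01 153752]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-01 153752]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-03 30328]
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```
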

Malc
Visitor
Visitor
Posts: 4
Registered: 26 Sep 2017 16:52

Re: Preventive check

#4 Post by Malc »

# AdwCleaner 7.0.3.0 - Logfile created on Fri Sep 29 07:53:03 2017
# Updated on 2017/28/09 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1210 B] - [2017/9/29 7:51:33]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Roli
VIP
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Preventive check

#5 Post by Roli »

Great, how is the PC behaving now?

Malc
Visitor
Visitor
Posts: 4
Registered: 26 Sep 2017 16:52

Re: Preventive check

#6 Post by Malc »

It's a relatively powerful notebook, so any slowdown is hard to notice :) If you think it's fine and there's no hidden malware in there, I'm satisfied!

The only thing is that I didn't manage to turn off Windows Defender; the only remaining options are via the registry, and that seems too heavy-handed to me :(

Roli
VIP
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Preventive check

#7 Post by Roli »

There's no malware there, and try stopping Defender according to Microsoft's instructions. If that doesn't work either, we'll try to sort it out another way.
