Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Martin1
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2016 13:35

Prosím o kontrolu

#1 Příspěvek od Martin1 »

Dobrý deň, prosím o preventívnu kontrolu logu, ďakujem.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2018-02-26 21:09:00
Microsoft Windows 10 Home
System drive C: has 28 GB (35%) free of 79 GB
Total RAM: 4046 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:09:12, on 26.2.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
E:\Inštalácia programov\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\ProgramData\Battle.net\Agent\Agent.6066\Agent.exe
E:\Inštalácia programov\Battle.net\Battle.net.exe
E:\Inštalácia programov\Battle.net\Battle.net.9854\Battle.net Helper.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [SDTray] "E:\Inštalácia programov\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Monitoring] "E:\Inštalácia programov\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [Spotify] C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3658169146-2647879922-1068650298-1000\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'defaultuser0')
O4 - HKUS\S-1-5-21-3658169146-2647879922-1068650298-1000\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'defaultuser0')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://E:\Inštalácia programov\Microsoft Office\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - E:\Inštalácia programov\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - E:\Inštalácia programov\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 9534 bytes

======Listing Processes======








c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {6d44972e-fc11-4897-8eac5638651d3d05}
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"E:\Inštalácia programov\Spybot - Search & Destroy 2\SDFSSvc.exe"
"E:\Inštalácia programov\Spybot - Search & Destroy 2\SDUpdSvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
atieclxx
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
taskhostw.exe
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"ctfmon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"E:\Inštalácia programov\Spybot - Search & Destroy 2\SDTray.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Martin\AppData\Local\Steam\htmlcache" "-steampid=10268" "-buildid=1513371133" "-steamid=0" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Martin\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\Martin\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x300,0x304,0x308,0x2fc,0x30c,0x6ab181a4,0x6ab181b4,0x6ab181c4
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --service-pipe-token=61021921DB703A81C8480349C8D3B5B3 --enable-blink-features=ResizeObserver --lang=en-US --lang=sk-SK --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback.host/* --disable-spell-checking --buildid=1513371133 --steamid=0 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=61021921DB703A81C8480349C8D3B5B3 --renderer-client-id=2 --mojo-platform-channel-handle=1912 /prefetch:1
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1802.311.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\ProgramData\Battle.net\Agent\Agent.6066\Agent.exe" --locale=enUS --session=11539464403711085419
\??\C:\WINDOWS\system32\conhost.exe 0x4
"E:\Inštalácia programov\Battle.net\Battle.net.exe" --game=diablo3_enus "--gamepath=E:\Inštalácia programov\Diablo III"
"Battle.net Helper.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Martin\AppData\Local\Battle.net\Logs\libcef-20180226T181220.253591.log" --log-severity=error --product-version="Battle.net/1.10.2.9854 Chrome/62.0.3202.94" --gpu-vendor-id=0x1002 --gpu-device-id=0x6841 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.1008 --gpu-driver-date=11-4-2015 --lang=en-US --log-file="C:\Users\Martin\AppData\Local\Battle.net\Logs\libcef-20180226T181220.253591.log" --log-severity=error --product-version="Battle.net/1.10.2.9854 Chrome/62.0.3202.94" --service-request-channel-token=AD5FF0BCF5ACB24A8B7BF707206D9225 --mojo-platform-channel-handle=2828 /prefetch:2
C:\WINDOWS\system32\AUDIODG.EXE 0x4a8
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\smartscreen.exe -Embedding
"E:\Inštalácia programov\Mozilla Firefox\firefox.exe"
"E:\Inštalácia programov\Mozilla Firefox\firefox.exe" -contentproc --channel="9064.0.1455732852\727860203" -greomni "E:\Inštalácia programov\Mozilla Firefox\omni.ja" -appomni "E:\Inštalácia programov\Mozilla Firefox\browser\omni.ja" -appdir "E:\Inštalácia programov\Mozilla Firefox\browser" "C:\Users\Martin\AppData\LocalLow\Mozilla\Temp-{255f71e4-03e6-47ed-9d1e-a32be2207e19}" 9064 "\\.\pipe\gecko-crash-server-pipe.9064" gpu
"E:\Inštalácia programov\Mozilla Firefox\firefox.exe" -contentproc --channel="9064.3.211011084\1092266636" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{255f71e4-03e6-47ed-9d1e-a32be2207e19}|" -schedulerPrefs 0001,2 -greomni "E:\Inštalácia programov\Mozilla Firefox\omni.ja" -appomni "E:\Inštalácia programov\Mozilla Firefox\browser\omni.ja" -appdir "E:\Inštalácia programov\Mozilla Firefox\browser" 9064 "\\.\pipe\gecko-crash-server-pipe.9064" tab
"E:\Inštalácia programov\Mozilla Firefox\firefox.exe" -contentproc --channel="9064.13.321228830\1324257120" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{255f71e4-03e6-47ed-9d1e-a32be2207e19}|" -schedulerPrefs 0001,2 -greomni "E:\Inštalácia programov\Mozilla Firefox\omni.ja" -appomni "E:\Inštalácia programov\Mozilla Firefox\browser\omni.ja" -appdir "E:\Inštalácia programov\Mozilla Firefox\browser" 9064 "\\.\pipe\gecko-crash-server-pipe.9064" tab
"E:\Inštalácia programov\Mozilla Firefox\firefox.exe" -contentproc --channel="9064.20.732345235\406294461" -childID 3 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{255f71e4-03e6-47ed-9d1e-a32be2207e19}|" -schedulerPrefs 0001,2 -greomni "E:\Inštalácia programov\Mozilla Firefox\omni.ja" -appomni "E:\Inštalácia programov\Mozilla Firefox\browser\omni.ja" -appdir "E:\Inštalácia programov\Mozilla Firefox\browser" 9064 "\\.\pipe\gecko-crash-server-pipe.9064" tab
"E:\Inštalácia programov\Mozilla Firefox\firefox.exe" -contentproc --channel="9064.27.2080813626\1929857771" -childID 4 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{255f71e4-03e6-47ed-9d1e-a32be2207e19}|" -schedulerPrefs 0001,2 -greomni "E:\Inštalácia programov\Mozilla Firefox\omni.ja" -appomni "E:\Inštalácia programov\Mozilla Firefox\browser\omni.ja" -appdir "E:\Inštalácia programov\Mozilla Firefox\browser" 9064 "\\.\pipe\gecko-crash-server-pipe.9064" tab
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe180_ Global\UsGthrCtrlFltPipeMssGthrPipe180 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 744 752 8192 748
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Martin\Downloads\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\i3qb0hag.default

prefs.js - "browser.startup.homepage" - "google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\MICROS~1\Office16\NPSPWRAP.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\Inštalácia programov\Microsoft Office\Office16\NPSPWRAP.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\MICROS~1\Office16\GROOVEEX.DLL [2015-07-31 1512152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-02-16 243496]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-09-21 3954368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2017-09-29 20488312]
"CCleaner Monitoring"=E:\Inštalácia programov\CCleaner\CCleaner64.exe [2018-02-07 10290608]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"Spotify"=C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe [2018-02-16 21325200]
"Spotify Web Helper"=C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-02-16 780688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SDTray"=E:\Inštalácia programov\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"E:\Inštalácia programov\Spybot - Search & Destroy 2\SDTray.exe"="E:\Inštalácia programov\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"E:\Inštalácia programov\Spybot - Search & Destroy 2\SDFSSvc.exe"="E:\Inštalácia programov\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"E:\Inštalácia programov\Spybot - Search & Destroy 2\SDUpdate.exe"="E:\Inštalácia programov\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"E:\Inštalácia programov\Spybot - Search & Destroy 2\SDUpdSvc.exe"="E:\Inštalácia programov\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2018-02-26 21:09:01 ----D---- C:\Program Files\trend micro
2018-02-26 21:09:00 ----D---- C:\rsit
2018-02-17 14:05:19 ----D---- C:\ProgramData\Blizzard Entertainment
2018-02-17 14:03:01 ----D---- C:\Users\Martin\AppData\Roaming\Battle.net
2018-02-16 16:55:47 ----D---- C:\Users\Martin\AppData\Roaming\Victor Vran
2018-02-16 13:14:37 ----A---- C:\WINDOWS\system32\aswBoot.exe
2018-02-14 21:26:47 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-14 21:26:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-02-14 21:26:46 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-02-14 21:26:46 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-02-14 21:26:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-02-14 21:26:45 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-02-14 21:26:45 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-02-14 21:26:45 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-02-14 21:26:45 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-02-14 21:26:45 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-02-14 21:26:45 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-02-14 21:26:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-02-14 21:26:43 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-02-14 21:26:43 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-02-14 21:26:43 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-02-14 21:26:43 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-02-14 21:26:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-02-14 21:26:43 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-02-14 21:26:42 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-02-14 21:26:42 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2018-02-14 21:26:42 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-02-14 21:26:41 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-02-14 21:26:41 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-02-14 21:26:41 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-02-14 21:26:41 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-14 21:26:41 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-02-14 21:26:41 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-02-14 21:26:41 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-02-14 21:26:41 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-14 21:26:40 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-02-14 21:26:40 ----A---- C:\WINDOWS\system32\hal.dll
2018-02-14 21:26:40 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-02-14 21:26:40 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-02-14 21:26:39 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-02-14 21:26:39 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-02-14 21:26:39 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-02-14 21:26:38 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-02-14 21:26:38 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-02-14 21:26:38 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-02-14 21:26:37 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-02-14 21:26:37 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-02-14 21:26:37 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-02-14 21:26:37 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-02-14 21:26:37 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-02-14 21:26:37 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\system32\nshhttp.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\system32\evr.dll
2018-02-14 21:26:36 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-02-14 21:26:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-02-14 21:26:35 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-02-14 21:26:35 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-02-14 21:26:35 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-02-14 21:26:35 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-14 21:26:35 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-14 21:26:35 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-02-14 21:26:34 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-02-14 21:26:34 ----A---- C:\WINDOWS\system32\InputService.dll
2018-02-14 21:26:34 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-02-14 21:26:34 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-02-14 21:26:34 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-02-14 21:26:34 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-02-14 21:26:33 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-02-14 21:26:33 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-02-14 21:26:33 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-02-14 21:26:33 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-14 21:26:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-02-14 21:26:32 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-02-14 21:26:32 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-02-14 21:26:32 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-02-14 21:26:31 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-02-14 21:26:31 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-02-14 21:26:31 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-02-14 21:26:31 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-02-14 21:26:30 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-02-14 21:26:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-02-14 21:26:29 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-02-14 21:26:29 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-02-14 21:26:29 ----A---- C:\WINDOWS\system32\mfsvr.dll
2018-02-14 21:26:29 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-02-14 21:26:29 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-02-14 21:26:29 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-02-14 21:26:28 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-14 21:26:28 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-02-14 21:26:28 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-02-14 21:26:27 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-02-14 21:26:27 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-02-14 21:26:27 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-02-14 21:26:26 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-02-14 21:26:26 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-02-14 21:26:25 ----A---- C:\WINDOWS\system32\msIso.dll
2018-02-14 21:26:25 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-02-14 21:26:25 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-02-14 21:26:25 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-02-14 21:26:24 ----A---- C:\WINDOWS\system32\wininet.dll
2018-02-14 21:26:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-02-14 21:26:23 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-02-14 21:26:22 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-14 21:26:20 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-02-14 21:26:20 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-02-14 21:26:19 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-02-14 21:26:19 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-02-14 21:26:18 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-14 21:26:18 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-02-14 21:26:18 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-02-14 21:26:17 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-14 21:26:17 ----A---- C:\WINDOWS\system32\ISM.dll
2018-02-14 21:26:17 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-14 21:26:17 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-14 21:26:16 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2018-02-14 21:26:16 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-02-14 21:26:16 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2018-02-14 21:26:16 ----A---- C:\WINDOWS\system32\wuauclt.exe
2018-02-14 21:26:16 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-02-14 21:26:16 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-02-14 21:26:16 ----A---- C:\WINDOWS\system32\convertvhd.exe
2018-02-14 21:26:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-02-14 21:26:15 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-02-14 21:26:15 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-02-14 21:26:15 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-14 21:26:15 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2018-02-14 21:26:14 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-02-14 21:26:14 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-02-14 21:26:14 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-02-14 21:26:14 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-14 21:26:13 ----A---- C:\WINDOWS\system32\twinui.dll
2018-02-14 21:26:13 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-02-14 21:26:13 ----A---- C:\WINDOWS\system32\comdlg32.dll
2018-02-14 21:26:12 ----A---- C:\WINDOWS\system32\wow64.dll
2018-02-14 21:26:12 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-14 21:26:12 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-02-14 21:26:11 ----A---- C:\WINDOWS\system32\shell32.dll
2018-02-14 21:26:11 ----A---- C:\WINDOWS\explorer.exe
2018-02-14 21:26:10 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-02-14 21:26:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-14 21:26:09 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-02-14 21:26:09 ----A---- C:\WINDOWS\system32\mfps.dll
2018-02-14 21:26:08 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-14 21:26:04 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-02-14 21:26:04 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-02-14 21:26:03 ----A---- C:\WINDOWS\system32\usocore.dll
2018-02-14 21:26:01 ----A---- C:\WINDOWS\system32\vac.exe
2018-02-14 21:25:59 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2018-02-14 21:25:59 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-02-14 21:25:59 ----A---- C:\WINDOWS\system32\SRH.dll
2018-02-14 21:25:59 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-02-14 21:25:59 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-14 21:25:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-14 21:25:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-14 21:25:57 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-14 21:25:57 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-14 21:25:56 ----A---- C:\WINDOWS\system32\winresume.exe
2018-02-14 21:25:56 ----A---- C:\WINDOWS\system32\winload.exe
2018-02-14 21:25:56 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-02-14 21:25:55 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-02-14 21:25:55 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-02-14 21:25:55 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-02-14 21:25:55 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-02-14 21:25:55 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-14 21:25:55 ----A---- C:\WINDOWS\system32\ci.dll
2018-02-14 21:25:55 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-02-14 21:25:54 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-14 21:25:54 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-02-14 21:25:54 ----A---- C:\WINDOWS\system32\devinv.dll
2018-02-14 21:25:54 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-14 21:25:54 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-02-14 21:25:54 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-02-14 21:25:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-14 21:25:51 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-02-14 21:25:51 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-02-14 21:25:51 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-02-14 21:25:51 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-14 21:25:51 ----A---- C:\WINDOWS\system32\sppobjs.dll
2018-02-14 21:25:51 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-02-14 21:25:50 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-02-14 21:25:50 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-02-14 21:25:50 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-14 21:25:50 ----A---- C:\WINDOWS\system32\efscore.dll
2018-02-14 21:25:50 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-02-14 21:25:50 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-02-14 21:25:49 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-02-14 21:25:49 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-14 21:25:49 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-14 21:25:48 ----A---- C:\WINDOWS\system32\rtmpltfm.dll
2018-02-14 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2018-02-14 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-02-14 21:25:47 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-14 21:25:47 ----A---- C:\WINDOWS\system32\usercpl.dll
2018-02-14 21:25:47 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2018-02-14 21:25:46 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2018-02-14 21:25:46 ----A---- C:\WINDOWS\system32\tquery.dll
2018-02-14 21:25:46 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-02-14 21:25:46 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-02-14 21:25:46 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-02-14 21:25:46 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-02-14 21:25:45 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-02-14 21:25:45 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2018-02-14 21:25:45 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-14 21:25:45 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-14 21:25:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-02-14 21:25:44 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-02-14 21:25:44 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2018-02-14 21:25:44 ----A---- C:\WINDOWS\SYSWOW64\rtmpltfm.dll
2018-02-14 21:25:44 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-02-14 21:25:44 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-14 21:25:43 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-02-14 21:25:43 ----A---- C:\WINDOWS\system32\Wpc.dll
2018-02-14 21:25:43 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-14 21:25:43 ----A---- C:\WINDOWS\system32\sppwinob.dll
2018-02-14 21:25:43 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2018-02-14 21:25:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-02-14 21:25:42 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-02-14 21:25:42 ----A---- C:\WINDOWS\system32\FSClient.dll
2018-02-14 21:25:41 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-02-14 21:25:41 ----A---- C:\WINDOWS\system32\wpncore.dll
2018-02-14 21:25:41 ----A---- C:\WINDOWS\system32\mmc.exe
2018-02-14 21:25:41 ----A---- C:\WINDOWS\system32\mf.dll
2018-02-14 21:25:41 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-02-14 21:25:41 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\WpcMon.exe
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\VSSVC.exe
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\rtmpal.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\invagent.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-02-14 21:25:40 ----A---- C:\WINDOWS\system32\aepic.dll
2018-02-14 21:25:39 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-02-14 21:25:39 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2018-02-14 21:25:39 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-02-14 21:25:39 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-14 21:25:39 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-14 21:25:39 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-02-14 21:25:39 ----A---- C:\WINDOWS\system32\FntCache.dll
2018-02-14 21:25:38 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2018-02-14 21:25:38 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-02-14 21:25:38 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2018-02-14 21:25:38 ----A---- C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-14 21:25:37 ----A---- C:\WINDOWS\SYSWOW64\mmcndmgr.dll
2018-02-14 21:25:37 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-02-14 21:25:37 ----A---- C:\WINDOWS\system32\authui.dll
2018-02-14 21:25:37 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-02-14 21:25:36 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2018-02-14 21:25:36 ----A---- C:\WINDOWS\SYSWOW64\mmc.exe
2018-02-14 21:25:36 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-02-14 21:25:36 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-14 21:25:36 ----A---- C:\WINDOWS\system32\shutdownux.dll
2018-02-14 21:25:36 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-02-14 21:25:36 ----A---- C:\WINDOWS\system32\rtmcodecs.dll
2018-02-14 21:25:36 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-14 21:25:36 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\SYSWOW64\rtmpal.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\system32\Windows.Payments.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-02-14 21:25:35 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-14 21:25:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2018-02-14 21:25:34 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-02-14 21:25:34 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2018-02-14 21:25:34 ----A---- C:\WINDOWS\system32\setupapi.dll
2018-02-14 21:25:34 ----A---- C:\WINDOWS\system32\policymanager.dll
2018-02-14 21:25:34 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-14 21:25:34 ----A---- C:\WINDOWS\system32\localspl.dll
2018-02-14 21:25:34 ----A---- C:\WINDOWS\system32\efswrt.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-02-14 21:25:33 ----A---- C:\WINDOWS\SYSWOW64\rtmcodecs.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\system32\uDWM.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\system32\rasdlg.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\system32\mspaint.exe
2018-02-14 21:25:33 ----A---- C:\WINDOWS\system32\lsm.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-14 21:25:33 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2018-02-14 21:25:32 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-02-14 21:25:32 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-02-14 21:25:32 ----A---- C:\WINDOWS\system32\winbrand.dll
2018-02-14 21:25:32 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-14 21:25:32 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-02-14 21:25:32 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-14 21:25:32 ----A---- C:\WINDOWS\system32\Magnify.exe
2018-02-14 21:25:32 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-02-14 21:25:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-02-14 21:25:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\system32\webio.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\system32\vssapi.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\system32\FrameServer.dll
2018-02-14 21:25:31 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2018-02-14 21:25:31 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2018-02-14 21:25:30 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\srcore.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\rastls.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\FsIso.exe
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-02-14 21:25:30 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-02-14 21:25:29 ----A---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2018-02-14 21:25:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\SYSWOW64\sppcomapi.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\wldp.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\rasgcw.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\gameux.dll
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-02-14 21:25:29 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\SYSWOW64\ortcengine.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\SYSWOW64\Magnify.exe
2018-02-14 21:25:28 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\system32\ortcengine.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\system32\edputil.dll
2018-02-14 21:25:28 ----A---- C:\WINDOWS\system32\aclui.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\rtmmvrortc.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\edputil.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2018-02-14 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\twinapi.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\sud.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-02-14 21:25:27 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\WebClnt.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\themecpl.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\srchadmin.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\shsetup.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\netlogon.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\mmcbase.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\hgcpl.dll
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-02-14 21:25:26 ----A---- C:\WINDOWS\system32\davclnt.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\SYSWOW64\shsetup.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2018-02-14 21:25:25 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\themeui.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\stobject.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\netplwiz.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\ListSvc.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\FontProvider.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\bootux.dll
2018-02-14 21:25:25 ----A---- C:\WINDOWS\system32\authz.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\regsvr32.exe
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\mmcbase.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\EnterpriseAppMgmtClient.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\twext.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\rshx32.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\regsvr32.exe
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\ntshrui.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\LockScreenContent.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\fontext.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\dsreg.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-02-14 21:25:24 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\user.exe
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\srchadmin.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeHelper.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\system32\wups2.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\system32\winsrv.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\system32\winsku.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\system32\tzres.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\system32\rstrui.exe
2018-02-14 21:25:23 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-02-14 21:25:23 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2018-02-11 22:26:04 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2018-02-05 10:24:22 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_5.dll
2018-02-05 10:24:22 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_5.dll
2018-02-05 10:24:22 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2018-02-05 10:24:22 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2018-02-05 10:24:21 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_42.dll
2018-02-05 10:24:21 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2018-02-05 10:24:20 ----A---- C:\WINDOWS\SYSWOW64\d3dcsx_42.dll
2018-02-05 10:24:20 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2018-02-05 10:24:19 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_42.dll
2018-02-05 10:24:19 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_42.dll
2018-02-05 10:24:19 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2018-02-05 10:24:19 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2018-02-05 10:24:18 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_42.dll
2018-02-05 10:24:18 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2018-02-05 10:24:17 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_41.dll
2018-02-05 10:24:17 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_41.dll
2018-02-05 10:24:17 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2018-02-05 10:24:17 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2018-02-05 10:24:16 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2018-02-05 10:24:15 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_4.dll
2018-02-05 10:24:15 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_3.dll
2018-02-05 10:24:15 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2018-02-05 10:24:15 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2018-02-05 10:24:14 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_4.dll
2018-02-05 10:24:14 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_6.dll
2018-02-05 10:24:14 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2018-02-05 10:24:14 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2018-02-05 10:24:13 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_40.dll
2018-02-05 10:24:13 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_40.dll
2018-02-05 10:24:13 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2018-02-05 10:24:13 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2018-02-05 10:24:11 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_3.dll
2018-02-05 10:24:11 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_2.dll
2018-02-05 10:24:11 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_40.dll
2018-02-05 10:24:11 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2018-02-05 10:24:11 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2018-02-05 10:24:11 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2018-02-05 10:24:10 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_2.dll
2018-02-05 10:24:10 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_1.dll
2018-02-05 10:24:10 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_3.dll
2018-02-05 10:24:10 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_5.dll
2018-02-05 10:24:10 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2018-02-05 10:24:10 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2018-02-05 10:24:10 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2018-02-05 10:24:10 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2018-02-05 10:24:09 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_2.dll
2018-02-05 10:24:09 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2018-02-05 10:24:08 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2018-02-05 10:24:08 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2018-02-05 10:24:07 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2018-02-05 10:24:06 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_1.dll
2018-02-05 10:24:06 ----A---- C:\WINDOWS\SYSWOW64\XAPOFX1_0.dll
2018-02-05 10:24:06 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_1.dll
2018-02-05 10:24:06 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2018-02-05 10:24:06 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2018-02-05 10:24:06 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2018-02-05 10:24:05 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_4.dll
2018-02-05 10:24:05 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_38.dll
2018-02-05 10:24:05 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_38.dll
2018-02-05 10:24:05 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2018-02-05 10:24:05 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2018-02-05 10:24:05 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2018-02-05 10:24:04 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_38.dll
2018-02-05 10:24:04 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2018-02-05 10:24:03 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_0.dll
2018-02-05 10:24:03 ----A---- C:\WINDOWS\SYSWOW64\xactengine3_0.dll
2018-02-05 10:24:03 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_3.dll
2018-02-05 10:24:03 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2018-02-05 10:24:03 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2018-02-05 10:24:03 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2018-02-05 10:24:02 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_37.dll
2018-02-05 10:24:02 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_37.dll
2018-02-05 10:24:02 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2018-02-05 10:24:02 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2018-02-05 10:24:00 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_10.dll
2018-02-05 10:24:00 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_37.dll
2018-02-05 10:24:00 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2018-02-05 10:24:00 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2018-02-05 10:23:59 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_36.dll
2018-02-05 10:23:59 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_36.dll
2018-02-05 10:23:59 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2018-02-05 10:23:59 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2018-02-05 10:23:57 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_9.dll
2018-02-05 10:23:57 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_36.dll
2018-02-05 10:23:57 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2018-02-05 10:23:57 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2018-02-05 10:23:56 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_35.dll
2018-02-05 10:23:56 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_35.dll
2018-02-05 10:23:56 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2018-02-05 10:23:56 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2018-02-05 10:23:55 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_35.dll
2018-02-05 10:23:55 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2018-02-05 10:23:54 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_8.dll
2018-02-05 10:23:54 ----A---- C:\WINDOWS\SYSWOW64\X3DAudio1_2.dll
2018-02-05 10:23:54 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2018-02-05 10:23:54 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2018-02-05 10:23:53 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_34.dll
2018-02-05 10:23:53 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_34.dll
2018-02-05 10:23:53 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2018-02-05 10:23:53 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2018-02-05 10:23:52 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_34.dll
2018-02-05 10:23:52 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2018-02-05 10:23:52 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2018-02-05 10:23:51 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_7.dll
2018-02-05 10:23:51 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_33.dll
2018-02-05 10:23:51 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_33.dll
2018-02-05 10:23:51 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2018-02-05 10:23:51 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2018-02-05 10:23:51 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2018-02-05 10:23:49 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2018-02-05 10:23:48 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_6.dll
2018-02-05 10:23:48 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_5.dll
2018-02-05 10:23:48 ----A---- C:\WINDOWS\SYSWOW64\d3dx10.dll
2018-02-05 10:23:48 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2018-02-05 10:23:48 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2018-02-05 10:23:48 ----A---- C:\WINDOWS\system32\d3dx10.dll
2018-02-05 10:23:46 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_4.dll
2018-02-05 10:23:46 ----A---- C:\WINDOWS\SYSWOW64\x3daudio1_1.dll
2018-02-05 10:23:46 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_32.dll
2018-02-05 10:23:46 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2018-02-05 10:23:46 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2018-02-05 10:23:46 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2018-02-05 10:23:44 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_3.dll
2018-02-05 10:23:44 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_31.dll
2018-02-05 10:23:44 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2018-02-05 10:23:44 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2018-02-05 10:23:43 ----A---- C:\WINDOWS\SYSWOW64\xinput1_2.dll
2018-02-05 10:23:43 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_2.dll
2018-02-05 10:23:43 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2018-02-05 10:23:43 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2018-02-05 10:23:35 ----A---- C:\WINDOWS\SYSWOW64\xactengine2_0.dll
2018-02-05 10:23:35 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2018-02-05 10:23:34 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_29.dll
2018-02-05 10:23:34 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2018-02-05 10:23:33 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_28.dll
2018-02-05 10:23:33 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2018-02-05 10:23:32 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_27.dll
2018-02-05 10:23:32 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2018-02-05 10:23:31 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_26.dll
2018-02-05 10:23:31 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2018-02-05 10:23:30 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_25.dll
2018-02-05 10:23:30 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2018-02-05 10:23:29 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_24.dll
2018-02-05 10:23:29 ----A---- C:\WINDOWS\system32\d3dx9_24.dll

======List of files/folders modified in the last 1 month======

2018-02-26 21:09:04 ----D---- C:\WINDOWS\Prefetch
2018-02-26 21:09:01 ----RD---- C:\Program Files
2018-02-26 21:08:21 ----D---- C:\WINDOWS\Temp
2018-02-26 21:08:02 ----D---- C:\WINDOWS\system32\sru
2018-02-26 18:49:48 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-26 18:09:02 ----HD---- C:\Program Files\WindowsApps
2018-02-26 18:09:00 ----D---- C:\WINDOWS\AppReadiness
2018-02-26 18:08:42 ----D---- C:\WINDOWS\DeliveryOptimization
2018-02-26 18:06:45 ----D---- C:\Program Files (x86)\Steam
2018-02-21 21:04:38 ----D---- C:\WINDOWS\system32\config
2018-02-21 20:30:00 ----D---- C:\Users\Martin\AppData\Roaming\Spotify
2018-02-21 20:13:21 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-21 20:13:19 ----D---- C:\WINDOWS\WinSxS
2018-02-21 20:13:19 ----D---- C:\WINDOWS\INF
2018-02-21 18:00:01 ----D---- C:\WINDOWS\system32\LogFiles
2018-02-21 17:28:56 ----D---- C:\WINDOWS\Logs
2018-02-21 16:16:28 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-17 14:05:19 ----HD---- C:\ProgramData
2018-02-17 14:01:14 ----D---- C:\ProgramData\Battle.net
2018-02-16 17:23:33 ----D---- C:\WINDOWS\SoftwareDistribution
2018-02-16 17:23:33 ----D---- C:\Windows
2018-02-16 17:05:31 ----D---- C:\WINDOWS\system32\Tasks
2018-02-16 16:57:21 ----SHD---- C:\WINDOWS\Installer
2018-02-16 16:57:21 ----D---- C:\WINDOWS\SysWOW64
2018-02-16 16:57:18 ----D---- C:\ProgramData\Package Cache
2018-02-16 16:57:16 ----D---- C:\WINDOWS\System32
2018-02-16 15:20:36 ----RSD---- C:\WINDOWS\assembly
2018-02-16 14:38:37 ----D---- C:\WINDOWS\debug
2018-02-16 13:24:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-16 13:16:36 ----D---- C:\WINDOWS\system32\drivers
2018-02-15 14:19:09 ----D---- C:\WINDOWS\rescache
2018-02-14 22:13:31 ----D---- C:\WINDOWS\system32\catroot2
2018-02-14 22:11:57 ----D---- C:\WINDOWS\TextInput
2018-02-14 22:11:57 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-02-14 22:11:57 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-02-14 22:11:32 ----D---- C:\WINDOWS\system32\wbem
2018-02-14 22:11:31 ----D---- C:\WINDOWS\system32\oobe
2018-02-14 22:11:31 ----D---- C:\WINDOWS\system32\migration
2018-02-14 22:11:30 ----D---- C:\WINDOWS\system32\Boot
2018-02-14 22:11:30 ----D---- C:\WINDOWS\system32\appraiser
2018-02-14 22:11:05 ----D---- C:\WINDOWS\ShellExperiences
2018-02-14 22:10:55 ----D---- C:\WINDOWS\bcastdvr
2018-02-14 22:10:55 ----D---- C:\WINDOWS\apppatch
2018-02-14 22:10:35 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-02-14 21:33:38 ----D---- C:\WINDOWS\CbsTemp
2018-02-13 20:09:58 ----D---- C:\WINDOWS\system32\MRT
2018-02-13 20:03:01 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-13 20:02:54 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-02-11 23:00:19 ----D---- C:\Program Files (x86)\Common Files
2018-02-06 03:49:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-01-08 199448]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-01-08 343768]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-01-08 57696]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-02-16 84368]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-02-16 379448]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-02-16 192944]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-01-08 321512]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-02-16 190440]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-02-16 110328]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-02-16 1026696]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-02-16 459952]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-02-16 146648]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-02-16 205464]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 674288]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2017-09-29 4233728]
R3 AtiHDAudioService;@oem5.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-04-18 110096]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-23 4598528]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-01-19 202032]
R3 RSPCIESTOR;@oem1.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2015-09-04 384760]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-29 604160]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-09-21 51392]
R3 SynTP;@oem6.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-09-21 627392]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-10-25 45464]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-02-16 46968]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-09-29 191488]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-09-29 46592]
S3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Microsoft Bluetooth Protocol Support Driver; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-02-10 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 tap0901;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2017-08-30 27136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 255472]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-02-16 300600]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_5c2be81;Connected Devices Platform User Service_5c2be81; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 OneSyncSvc_5c2be81;Sync Host_5c2be81; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; E:\Inštalácia programov\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; E:\Inštalácia programov\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-02-10 519144]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-09-21 255168]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-02-16 7564512]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_5c2be81;Kontaktné údaje_5c2be81; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-29 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-02-11 6971400]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_5c2be81;DevicesFlow_5c2be81; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2017-01-03 1369856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-20 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_5c2be81;MessagingService_5c2be81; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-13 194000]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_5c2be81;PrintWorkflow_5c2be81; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Odinstaluj Spybot - Search & Destroy, tento program je uz zastaraly.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Scan (Skenovanie) a pockaj na dokoncenie
  • Klikni na Clean (Cistenie) a potvrd kliknutim na OK
  • AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
  • Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Martin1
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2016 13:35

Re: Prosím o kontrolu

#3 Příspěvek od Martin1 »

Tu je ten log z Adwcleaneru,

# AdwCleaner 7.0.8.0 - Logfile created on Tue Feb 27 15:04:41 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2018/2/27 15:4:16]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Martin1
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2016 13:35

Re: Prosím o kontrolu

#5 Příspěvek od Martin1 »

V prílohe posielam FRST a Addition log.
Přílohy
FRST + Addition.rar
(21.22 KiB) Staženo 70 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#6 Příspěvek od Conder »

:arrow: Zapni obnovu systemu
  • Stlac Win+R, napis "sysdm.cpl" (bez uvodzoviek) a stlac enter
  • Klikni na kartu Ochrana systemu a potom na Konfigurovat
  • Vyber moznost Zapnut ochranu systemu a klikni na OK
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\...\Policies\Explorer: [] 
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> [CC]{2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} =>  -> No File
    Task: {BFB46B8B-93C0-43E6-B658-8D82F0FD3869} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
    DeleteKey: HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Martin1
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2016 13:35

Re: Prosím o kontrolu

#7 Příspěvek od Martin1 »

Fix prebehol v poriadku, tu je log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28.02.2018
Ran by Martin (28-02-2018 22:11:40) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: defaultuser0 & Martin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> [CC]{2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => -> No File
Task: {BFB46B8B-93C0-43E6-B658-8D82F0FD3869} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]
DeleteKey: HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => removed successfully
"HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AcShellExtension.AcContextMenuHandler" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFB46B8B-93C0-43E6-B658-8D82F0FD3869} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFB46B8B-93C0-43E6-B658-8D82F0FD3869} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove key. ErrorCode1: 0x00000001
C:\Users\Public\AppData => ":CSM" ADS removed successfully
"HKU\S-1-5-21-3658169146-2647879922-1068650298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28857557 B
Java, Flash, Steam htmlcache => 410826308 B
Windows/system/drivers => 345 B
Edge => 14336 B
Chrome => 0 B
Firefox => 27263315 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
defaultuser0 => 6656 B
Martin => 15932681 B

RecycleBin => 130394010 B
EmptyTemp: => 591.9 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-02-2018 22:17:34)


Result of scheduled keys to remove after reboot:

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFB46B8B-93C0-43E6-B658-8D82F0FD3869}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFB46B8B-93C0-43E6-B658-8D82F0FD3869}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key removed successfully

==== End of Fixlog 22:17:35 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#8 Příspěvek od Conder »

:arrow: Skontroluj velkost plochy (C:\Users\Martin\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

:arrow: Vyzera to OK. Ak uz nie su ziadne problemy s PC, tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Martin1
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2016 13:35

Re: Prosím o kontrolu

#9 Příspěvek od Martin1 »

Všetko prebehlo v poriadku, ďakujem za pomoc.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#10 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno