Kontrola logu

[frantisek.sitner]

Dobrý den, chtěl bych vás poprosit o kontrolu logu. Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by sitnefr1-locadm at 2018-03-02 20:07:00
Microsoft Windows 10 Pro
System drive C: has 129 GB (57%) free of 226 GB
Total RAM: 8071 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:09, on 02.03.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Franta\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Franta\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe
C:\Program Files\WindowsApps\Facebook.Facebook_140.1268.45465.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
C:\Program Files\trend micro\sitnefr1-locadm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPNotifications] C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
O4 - HKLM\..\Run: [HPRadioMgr] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\RunOnce: [{8060a69f-ee27-444b-b126-775f861232ea}] "C:\ProgramData\Package Cache\{8060a69f-ee27-444b-b126-775f861232ea}\Setup.exe" /burn.log.append "C:\WINDOWS\TEMP\Intel®_PROSet_Wireless_Software_20180113124300.log" /quiet -wumode /burn.runonce
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [SideSync] C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
O4 - HKCU\..\Run: [Docker for Windows] C:\Program Files\Docker\Docker\Docker for Windows.exe
O4 - HKCU\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2830779331-3592222151-1840298108-1006\..\Run: [com.squirrel.slack.slack] "C:\Users\Franta\AppData\Local\slack\Update.exe" --processStart "slack.exe" --process-start-args "--startup" (User 'Franta')
O4 - HKUS\S-1-5-21-2830779331-3592222151-1840298108-1006\..\Run: [Spotify] C:\Users\Franta\AppData\Roaming\Spotify\Spotify.exe --autostart (User 'Franta')
O4 - HKUS\S-1-5-21-2830779331-3592222151-1840298108-1006\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart (User 'Franta')
O4 - HKUS\S-1-5-21-2830779331-3592222151-1840298108-1006\..\Run: [Spotify Web Helper] C:\Users\Franta\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart (User 'Franta')
O4 - Global Startup: vpngui.exe.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lan.cortex.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lan.cortex.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = cortex.cz,lan.cortex.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = cortex.cz,lan.cortex.cz
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem34.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Docker for Windows Service (com.docker.service) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: CxMonSvc - Conexant Systems, Inc - C:\WINDOWS\CxSvc\CxMonSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\WINDOWS\CxSvc\CxUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @oem62.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Unknown owner - C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP Hotkey Service - HP - C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
O23 - Service: HP MAC Address Manager Service (HPMAMSrv) - HP - C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - HP - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @oem104.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LAN/WLAN Switching Service (LanWlanSwitchingService) - HP - C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Thunderbolt(TM) Service (ThunderboltService) - Intel Corporation - c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmcompute.exe,-100 (vmcompute) - Unknown owner - C:\WINDOWS\system32\vmcompute.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\WINDOWS\system32\vmms.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom ISD Service (WTabletServiceISD) - Wacom Technology, Corp. - C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 13942 bytes

======Listing Processes======









winlogon.exe
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s HvHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservice -s W32Time
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s UmRdpService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder

c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-cf236e5e-0a2c-44ff-9f00-9c830fc4d56b -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a9726d94-681f-4497-90fc-cd7a57368eb9 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-37ad314b-075b-454c-9e84-ea722429d980 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f9bf5f2a-16d5-47e1-93ba-1663eb88a4ef -LifetimeId:92f4cd3b-9555-4c0b-a38f-85bd5e351f81 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -p -s SessionEnv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
"C:\Program Files\Tablet\ISD\WTabletServiceISD.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-bc04edf5-7360-4ed1-a93b-090e94f3f08d -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1abfffd6-3330-4cc8-aaa6-e0a80b171a17 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b80f50fc-d670-47c6-86dc-75f40a0a15e5 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b828b6ba-4e7a-4306-9369-dd50189b1a37 -LifetimeId:2aee7413-8f09-4a6c-8b4d-c49fd7d5a637 -DeviceGroupId:
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SensrSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe" -service
"C:\Program Files\Docker\Docker\com.docker.service"
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\WINDOWS\CxSvc\CxMonSvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\WINDOWS\CxSvc\CxUtilSvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe
"C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe"
"C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe"
C:\WINDOWS\system32\ibtsiva
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\vmms.exe
dashost.exe {a063a03f-c3ba-4627-9ca96818eaf0e1e5}
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
"C:\Program Files (x86)\HP\Shared\hpqwmiex.exe"
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vmcompute.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s hns
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s SharedAccess
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
"C:\Program Files\Alps\GlidePoint\Apntex.exe"
Apoint.exe
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe"
"C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\MicTray64.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files\Alps\GlidePoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxEM.exe"
"C:\Program Files\Alps\GlidePoint\HidFind.exe"
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.0.5.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe" -ServerName:App.AppX495fygk72hjw82j58ny5h3nr8hpsd8vs.mca
"C:\Program Files\Tablet\ISD\ISD_TabletUser.exe"
"C:\Program Files\Tablet\ISD\WacomHost.exe" "C:\Program Files\Tablet\ISD\ISD_Tablet.exe" au
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Tablet\ISD\ISD_Tablet.exe" au
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
/QuitInfo:000000000000024C;000000000000025C;
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
/loadhooks /Parent:0000000000002648
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe" /sa3 /cadr /nv:3.0+ /uid:HP-NB-AIO /s /dne
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe" --startup
"C:\Users\Franta\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe" --minimize
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe" --type=gpu-process --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,20,24,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x5916 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=22.20.16.4771 --gpu-driver-date=8-13-2017 --service-request-channel-token=879E2A867CCC2CF12AC49DD7A5E5E4B9 --mojo-platform-channel-handle=1688 /prefetch:2
C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe --reporter-url=https://slack.com/apps/breakpad?instanc ... annel=prod --application-name=Slack "--crashes-directory=C:\Users\Franta\AppData\Roaming\Slack\temp\Slack Crashes" --v=1
"C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe" --type=renderer --disable-pinch --no-sandbox --primordial-pipe-token=970A609A6CD71FC1F21F1CEB221CF6C4 --lang=cs --standard-schemes=slack-resources,slack-sounds,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --app-path="C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar" --node-integration=true --webview-tag=true --no-sandbox --preload="C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar\src\static\index.js" --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=970A609A6CD71FC1F21F1CEB221CF6C4 --renderer-client-id=8 --mojo-platform-channel-handle=2300 /prefetch:1
"C:\Users\Franta\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe"
"C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe"
"C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe" --type=renderer --disable-pinch --no-sandbox --primordial-pipe-token=F00021E956C1F21A802D0227D1ABA2B5 --lang=cs --standard-schemes=slack-resources,slack-sounds,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --app-path="C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar" --enable-experimental-web-platform-features --node-integration=false --webview-tag=false --no-sandbox --preload="C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar\src\static\ssb-interop.js" --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=F00021E956C1F21A802D0227D1ABA2B5 --renderer-client-id=9 --mojo-platform-channel-handle=3872 /prefetch:1
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Conexant\Flow\Flow.exe" /sa3 /uid:FLOW /delay:30
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.21675.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.21675.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe" -ServerName:x554f661dyd360y462cy8743yf8a99b7d41dbx.AppX6ks60wd4jgx5v0qxmfeghrzez8gaev27.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Facebook.Facebook_140.1268.45465.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe" -ServerName:App.AppXeh7z49cqrvacqjcq0cdjmqt7arbvjen7.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.21675.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe" -ServerName:microsoft.windowslive.calendar.AppXg9pag83k0brz0hvt3yj6hxda2h2y7w14.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\Windows\System32\smartscreen.exe -Embedding

"C:\Program Files\Opera\51.0.2830.34\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files\Opera\51.0.2830.34\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=9356
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=gpu-process --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --gpu-vendor-id=0x8086 --gpu-device-id=0x5916 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=22.20.16.4771 --gpu-driver-date=8-13-2017 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --service-request-channel-token=6889AC6BD736A9CAE7FB46C9B96147B1 --mojo-platform-channel-handle=1860 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=65B9A0EBE9E9F9E4FE738B1415738976 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=65B9A0EBE9E9F9E4FE738B1415738976 --renderer-client-id=3 --mojo-platform-channel-handle=3308 /prefetch:1
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=DC07BDDCFA6358AA4B589C8120C2A7FC --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=DC07BDDCFA6358AA4B589C8120C2A7FC --renderer-client-id=8 --mojo-platform-channel-handle=3560 /prefetch:1
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=3A23F557471273FE8D0CC9979EFA44AA --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=3A23F557471273FE8D0CC9979EFA44AA --renderer-client-id=10 --mojo-platform-channel-handle=4916 /prefetch:1
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=D8ACD13F072DC454288F2B36E7DC3C95 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=D8ACD13F072DC454288F2B36E7DC3C95 --renderer-client-id=12 --mojo-platform-channel-handle=5548 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=4B62FF79CEF7A1EACDDFACF6797375BE --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=4B62FF79CEF7A1EACDDFACF6797375BE --renderer-client-id=15 --mojo-platform-channel-handle=8180 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 744 752 8192 748
C:\WINDOWS\system32\AUDIODG.EXE 0x564
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Franta\Downloads\RSITx64.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

======Scheduled tasks folder======

C:\WINDOWS\tasks\HPCeeScheduleForFranta.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForFranta (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-26 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-26 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-10-12 440680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-10-12 416104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RtsCM"=C:\WINDOWS\RTSCM64.EXE [2017-09-17 225280]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2012-07-04 4133072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"CxProper"=C:\Program Files\Conexant\SSPConfig\CxProper.exe [2016-05-03 1763328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2017-09-29 20488312]
"SideSync"=C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [2017-10-26 12477600]
"Docker for Windows"=C:\Program Files\Docker\Docker\Docker for Windows.exe [2018-01-14 1815512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"=C:\Program Files\Windows Mail\wab.exe [2017-09-29 519680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPNotifications"=C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [2016-10-07 1396544]
"HPRadioMgr"=C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [2016-08-02 324488]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"{8060a69f-ee27-444b-b126-775f861232ea}"=C:\ProgramData\Package Cache\{8060a69f-ee27-444b-b126-775f861232ea}\Setup.exe [2018-01-13 1668128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\WINDOWS\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=HPPwdFilter
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-02 20:07:00 ----D---- C:\rsit
2018-03-02 20:07:00 ----D---- C:\Program Files\trend micro
2018-02-20 21:36:54 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2018-02-20 07:40:21 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2018-02-20 07:40:15 ----D---- C:\ProgramData\Malwarebytes
2018-02-20 07:40:15 ----D---- C:\Program Files\Malwarebytes
2018-02-14 18:01:09 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-14 18:01:08 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-02-14 18:01:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-02-14 18:01:06 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-02-14 18:01:06 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-02-14 18:01:05 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-02-14 18:01:05 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-02-14 18:01:05 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-02-14 18:01:04 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-02-14 18:01:02 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-02-14 18:01:02 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-02-14 18:01:02 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-02-14 18:01:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-02-14 18:01:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-02-14 18:01:00 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-02-14 18:00:58 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-02-14 18:00:58 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-02-14 18:00:58 ----A---- C:\WINDOWS\system32\hal.dll
2018-02-14 18:00:58 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-02-14 18:00:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-02-14 18:00:56 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-02-14 18:00:55 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-02-14 18:00:54 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-02-14 18:00:54 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-02-14 18:00:54 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\system32\evr.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-02-14 18:00:52 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-02-14 18:00:51 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-02-14 18:00:51 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-02-14 18:00:51 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-02-14 18:00:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-02-14 18:00:50 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-02-14 18:00:50 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-02-14 18:00:50 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-02-14 18:00:50 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-02-14 18:00:49 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-14 18:00:49 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-02-14 18:00:48 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-02-14 18:00:48 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-02-14 18:00:47 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-02-14 18:00:47 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-02-14 18:00:45 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-02-14 18:00:44 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-02-14 18:00:44 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-02-14 18:00:43 ----A---- C:\WINDOWS\system32\jscript.dll
2018-02-14 18:00:42 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-02-14 18:00:42 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-02-14 18:00:42 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-02-14 18:00:41 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-02-14 18:00:41 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-02-14 18:00:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-02-14 18:00:40 ----A---- C:\WINDOWS\system32\mfsvr.dll
2018-02-14 18:00:40 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-02-14 18:00:39 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-02-14 18:00:39 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-02-14 18:00:39 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-02-14 18:00:39 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-02-14 18:00:38 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-02-14 18:00:38 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-02-14 18:00:38 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2018-02-14 18:00:37 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-02-14 18:00:37 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-02-14 18:00:36 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-02-14 18:00:36 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-02-14 18:00:36 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-02-14 18:00:35 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-02-14 18:00:35 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-02-14 18:00:35 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-02-14 18:00:35 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\wwansvc.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\wlansec.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\wininet.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\msIso.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-02-14 18:00:31 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-02-14 18:00:27 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-02-14 18:00:27 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-02-14 18:00:26 ----A---- C:\WINDOWS\system32\wmp.dll
2018-02-14 18:00:25 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-02-14 18:00:24 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-14 18:00:23 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-02-14 18:00:21 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-02-14 18:00:20 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\wuauclt.exe
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\ISM.dll
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-14 18:00:19 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-02-14 18:00:19 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2018-02-14 18:00:19 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-14 18:00:18 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-02-14 18:00:17 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-02-14 18:00:17 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2018-02-14 18:00:17 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2018-02-14 18:00:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-02-14 18:00:16 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-02-14 18:00:15 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-02-14 18:00:14 ----A---- C:\WINDOWS\system32\services.exe
2018-02-14 18:00:14 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-14 18:00:14 ----A---- C:\WINDOWS\system32\comdlg32.dll
2018-02-14 18:00:13 ----A---- C:\WINDOWS\system32\twinui.dll
2018-02-14 18:00:13 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-02-14 18:00:12 ----A---- C:\WINDOWS\system32\wow64.dll
2018-02-14 18:00:12 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-14 18:00:12 ----A---- C:\WINDOWS\system32\sspicli.dll
2018-02-14 18:00:12 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-02-14 18:00:11 ----A---- C:\WINDOWS\explorer.exe
2018-02-14 18:00:10 ----A---- C:\WINDOWS\system32\shell32.dll
2018-02-14 18:00:09 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-02-14 18:00:08 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-02-14 18:00:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-14 18:00:06 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-14 17:59:54 ----A---- C:\WINDOWS\system32\usocore.dll
2018-02-14 17:59:54 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-02-14 17:59:54 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-02-14 17:59:48 ----A---- C:\WINDOWS\system32\vac.exe
2018-02-14 17:59:45 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2018-02-14 17:59:45 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-02-14 17:59:45 ----A---- C:\WINDOWS\system32\SRH.dll
2018-02-14 17:59:45 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-14 17:59:44 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-14 17:59:44 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-14 17:59:43 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-14 17:59:43 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-14 17:59:41 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-02-14 17:59:40 ----A---- C:\WINDOWS\system32\vmms.exe
2018-02-14 17:59:40 ----A---- C:\WINDOWS\system32\vmchipset.dll
2018-02-14 17:59:40 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-02-14 17:59:36 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-02-14 17:59:36 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-02-14 17:59:36 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-02-14 17:59:36 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-02-14 17:59:36 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-02-14 17:59:35 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-02-14 17:59:35 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-02-14 17:59:35 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-02-14 17:59:35 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-14 17:59:34 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2018-02-14 17:59:34 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-02-14 17:59:33 ----A---- C:\WINDOWS\system32\devinv.dll
2018-02-14 17:59:33 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-14 17:59:33 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-02-14 17:59:32 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-02-14 17:59:27 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-14 17:59:27 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2018-02-14 17:59:27 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2018-02-14 17:59:26 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-02-14 17:59:26 ----A---- C:\WINDOWS\system32\HostNetSvc.dll
2018-02-14 17:59:26 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2018-02-14 17:59:26 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-02-14 17:59:25 ----A---- C:\WINDOWS\system32\sppobjs.dll
2018-02-14 17:59:25 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-02-14 17:59:24 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-02-14 17:59:24 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-02-14 17:59:23 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-02-14 17:59:23 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2018-02-14 17:59:22 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-02-14 17:59:22 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-02-14 17:59:20 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-02-14 17:59:20 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-02-14 17:59:20 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-02-14 17:59:20 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-14 17:59:20 ----A---- C:\WINDOWS\system32\ci.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\system32\usercpl.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\system32\rtmpltfm.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-02-14 17:59:18 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2018-02-14 17:59:18 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-02-14 17:59:18 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-14 17:59:18 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-02-14 17:59:17 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-02-14 17:59:17 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2018-02-14 17:59:16 ----A---- C:\WINDOWS\system32\winload.exe
2018-02-14 17:59:16 ----A---- C:\WINDOWS\system32\tquery.dll
2018-02-14 17:59:16 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-02-14 17:59:16 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-02-14 17:59:15 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2018-02-14 17:59:15 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-14 17:59:15 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-14 17:59:15 ----A---- C:\WINDOWS\system32\AppVClient.exe
2018-02-14 17:59:14 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-02-14 17:59:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-14 17:59:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-02-14 17:59:13 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-14 17:59:12 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-02-14 17:59:12 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-02-14 17:59:11 ----A---- C:\WINDOWS\SYSWOW64\rtmpltfm.dll
2018-02-14 17:59:11 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2018-02-14 17:59:11 ----A---- C:\WINDOWS\system32\provhandlers.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\vmwp.exe
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\vmusrv.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\VmEmulatedStorage.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\provtool.exe
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\provengine.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2018-02-14 17:59:09 ----A---- C:\WINDOWS\system32\Wpc.dll
2018-02-14 17:59:09 ----A---- C:\WINDOWS\system32\sppwinob.dll
2018-02-14 17:59:08 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-14 17:59:08 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2018-02-14 17:59:07 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-02-14 17:59:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-02-14 17:59:06 ----A---- C:\WINDOWS\system32\FSClient.dll
2018-02-14 17:59:06 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-02-14 17:59:05 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-02-14 17:59:05 ----A---- C:\WINDOWS\system32\vmcompute.exe
2018-02-14 17:59:05 ----A---- C:\WINDOWS\system32\mf.dll
2018-02-14 17:59:05 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-02-14 17:59:04 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2018-02-14 17:59:04 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-02-14 17:59:04 ----A---- C:\WINDOWS\system32\InputService.dll
2018-02-14 17:59:04 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-02-14 17:59:04 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2018-02-14 17:59:03 ----A---- C:\WINDOWS\system32\wpncore.dll
2018-02-14 17:59:03 ----A---- C:\WINDOWS\system32\rdvgm.exe
2018-02-14 17:59:03 ----A---- C:\WINDOWS\system32\mmc.exe
2018-02-14 17:59:02 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-14 17:59:02 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-02-14 17:59:02 ----A---- C:\WINDOWS\system32\aepic.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\system32\VSSVC.exe
2018-02-14 17:59:01 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\system32\invagent.dll
2018-02-14 17:59:00 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-02-14 17:59:00 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-02-14 17:59:00 ----A---- C:\WINDOWS\system32\rtmpal.dll
2018-02-14 17:59:00 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-02-14 17:58:59 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-02-14 17:58:59 ----A---- C:\WINDOWS\system32\WpcMon.exe
2018-02-14 17:58:59 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-14 17:58:59 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-02-14 17:58:58 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-02-14 17:58:58 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2018-02-14 17:58:58 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2018-02-14 17:58:58 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-14 17:58:58 ----A---- C:\WINDOWS\system32\FntCache.dll
2018-02-14 17:58:57 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-02-14 17:58:57 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-14 17:58:57 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\drivers\bam.sys
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\CPFilters.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-02-14 17:58:55 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2018-02-14 17:58:55 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-02-14 17:58:55 ----A---- C:\WINDOWS\system32\PeerDistSvc.dll
2018-02-14 17:58:55 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-02-14 17:58:54 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-02-14 17:58:54 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-02-14 17:58:54 ----A---- C:\WINDOWS\system32\ole32.dll
2018-02-14 17:58:54 ----A---- C:\WINDOWS\system32\EncDec.dll
2018-02-14 17:58:54 ----A---- C:\WINDOWS\system32\authui.dll
2018-02-14 17:58:53 ----A---- C:\WINDOWS\SYSWOW64\mmcndmgr.dll
2018-02-14 17:58:53 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-14 17:58:53 ----A---- C:\WINDOWS\system32\UserDataService.dll
2018-02-14 17:58:53 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\SYSWOW64\mmc.exe
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\shutdownux.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\rtmcodecs.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\ieui.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-02-14 17:58:51 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2018-02-14 17:58:51 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-02-14 17:58:51 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-02-14 17:58:51 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-14 17:58:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-14 17:58:50 ----A---- C:\WINDOWS\system32\winresume.exe
2018-02-14 17:58:49 ----A---- C:\WINDOWS\SYSWOW64\rtmpal.dll
2018-02-14 17:58:49 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-14 17:58:49 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-02-14 17:58:49 ----A---- C:\WINDOWS\system32\usermgr.dll
2018-02-14 17:58:49 ----A---- C:\WINDOWS\system32\TransportDSA.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\system32\Windows.Payments.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\system32\efswrt.dll
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\setupapi.dll
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\efscore.dll
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\drivers\lxcore.sys
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\vmuidevices.dll
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\policymanager.dll
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-02-14 17:58:44 ----A---- C:\WINDOWS\SYSWOW64\EncDec.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\system32\vmcompute.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\system32\uDWM.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\system32\localspl.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-02-14 17:58:43 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\vmpmem.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\vmicvdev.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\VmEmulatedNic.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-02-14 17:58:42 ----A---- C:\WINDOWS\system32\rasdlg.dll
2018-02-14 17:58:42 ----A---- C:\WINDOWS\system32\lsm.dll
2018-02-14 17:58:42 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-14 17:58:42 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\rtmcodecs.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-02-14 17:58:41 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-14 17:58:40 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2018-02-14 17:58:40 ----A---- C:\WINDOWS\system32\wifitask.exe
2018-02-14 17:58:40 ----A---- C:\WINDOWS\system32\vmemulateddevices.dll
2018-02-14 17:58:40 ----A---- C:\WINDOWS\system32\mspaint.exe
2018-02-14 17:58:39 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-02-14 17:58:39 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-02-14 17:58:39 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-14 17:58:39 ----A---- C:\WINDOWS\system32\Magnify.exe
2018-02-14 17:58:39 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\winbrand.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\vmsynthstor.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\VmDataStore.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\PrivateCloudHNSPlugin.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-02-14 17:58:37 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-14 17:58:37 ----A---- C:\WINDOWS\system32\vmsynth3dvideo.dll
2018-02-14 17:58:37 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\webio.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\vssapi.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\vmserial.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\FrameServer.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2018-02-14 17:58:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\VmSynthNic.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\vmsmb.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\srcore.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\rastls.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\mfps.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-02-14 17:58:32 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\FsIso.exe
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\gpupvdev.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\gameux.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\container.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2018-02-14 17:58:30 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\skci.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\rasgcw.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\SYSWOW64\sppcomapi.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\wldp.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\vpcievdev.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\vmdynmem.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-02-14 17:58:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\vmsynthfcvdev.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\Unistore.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\cscui.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\aclui.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\rtmmvrortc.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\ortcengine.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\Magnify.exe
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\ortcengine.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\edputil.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\drivers\vmswitch.sys
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\AppManagementConfiguration.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\hvsicontainerservice.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\edputil.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\AppVClientPS.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\vmicrdv.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\twinapi.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\AppVClientPS.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\wscapi.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\sud.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\nshhttp.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\netlogon.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\APHostService.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\WebClnt.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\mmcbase.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\drivers\Diskdump.sys
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\SyncController.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\CCG.exe
2018-02-14 17:58:20 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\SYSWOW64\AppManagementConfiguration.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\srchadmin.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\hgcpl.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\davclnt.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\CCGLaunchPad.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\themecpl.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\shsetup.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\SCardDlg.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\P2P.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\SensorService.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\ListSvc.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\drivers\vfpext.sys
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\authz.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\SYSWOW64\shsetup.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\system32\stobject.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\system32\netplwiz.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2018-02-14 17:58:14 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2018-02-14 17:58:14 ----A---- C:\WINDOWS\SYSWOW64\P2P.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\RdvgmProxy.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\FontProvider.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-02-14 17:58:13 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-02-14 17:58:13 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2018-02-14 17:58:13 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2018-02-14 17:58:13 ----A---- C:\WINDOWS\system32\themeui.dll
2018-02-14 17:58:13 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-02-14 17:58:13 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\system32\msoert2.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\system32\bootux.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\ntshrui.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\drivers\vmbusr.sys
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\SYSWOW64\RdvgmProxy.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\regsvr32.exe
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2018-02-14 17:58:09 ----A---- C:\WINDOWS\SYSWOW64\regsvr32.exe
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\vfpctrl.exe
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\rshx32.dll
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\provdatastore.dll
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\fontext.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\rfxvmt.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\rasauto.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\convertvhd.exe
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\msoert2.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\EnterpriseAppMgmtClient.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\system32\taskcomp.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\system32\LockScreenContent.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\SYSWOW64\mmcbase.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\twext.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\dsreg.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\synth3dvideoproxy.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\rstrui.exe
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\srchadmin.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeHelper.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\wups2.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\winsrv.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\winsku.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\vmsif.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\tzres.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\hnsproxy.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\hgclientserviceps.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2018-02-14 17:58:03 ----A---- C:\WINDOWS\SYSWOW64\user.exe
2018-02-14 17:58:03 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2018-02-14 17:58:03 ----A---- C:\WINDOWS\system32\atmlib.dll
2018-02-04 19:10:35 ----D---- C:\Program Files\paint.net

[frantisek.sitner]

Druhá část

======List of files/folders modified in the last 1 month======

2018-03-02 20:07:00 ----RD---- C:\Program Files
2018-03-02 20:06:19 ----D---- C:\WINDOWS\Temp
2018-03-02 20:03:13 ----D---- C:\WINDOWS\system32\Tasks
2018-03-02 20:03:13 ----AD---- C:\Program Files\Opera
2018-03-02 19:15:54 ----D---- C:\WINDOWS\System32
2018-03-02 19:15:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-02 19:15:34 ----HD---- C:\Program Files\WindowsApps
2018-03-02 19:15:32 ----D---- C:\WINDOWS\DeliveryOptimization
2018-03-02 19:13:06 ----D---- C:\WINDOWS\AppReadiness
2018-03-02 19:10:26 ----D---- C:\WINDOWS\Prefetch
2018-03-02 19:09:47 ----D---- C:\ProgramData\Docker
2018-02-26 22:04:19 ----D---- C:\WINDOWS\system32\sru
2018-02-26 21:22:44 ----D---- C:\WINDOWS\system32\FxsTmp
2018-02-25 22:32:38 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-24 23:36:33 ----D---- C:\WINDOWS\system32\drivers
2018-02-24 13:24:14 ----SHD---- C:\System Volume Information
2018-02-24 13:22:52 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-24 13:14:32 ----SHD---- C:\WINDOWS\Installer
2018-02-24 13:14:32 ----SHD---- C:\Config.Msi
2018-02-24 13:14:23 ----D---- C:\WINDOWS\SysWOW64
2018-02-20 22:36:54 ----D---- C:\WINDOWS\system32\NDF
2018-02-20 08:04:22 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-20 08:04:22 ----D---- C:\WINDOWS\system32\config
2018-02-20 07:40:15 ----HD---- C:\ProgramData
2018-02-18 20:11:29 ----D---- C:\WINDOWS\system32\catroot2
2018-02-18 19:46:18 ----D---- C:\WINDOWS\WinSxS
2018-02-18 19:42:58 ----D---- C:\WINDOWS\rescache
2018-02-18 19:42:05 ----RSD---- C:\WINDOWS\assembly
2018-02-18 08:39:00 ----D---- C:\WINDOWS\INF
2018-02-17 12:22:54 ----D---- C:\WINDOWS\CbsTemp
2018-02-14 20:21:50 ----D---- C:\WINDOWS\TextInput
2018-02-14 20:21:50 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-02-14 20:21:49 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-02-14 20:21:49 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-02-14 20:21:49 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-02-14 20:21:41 ----D---- C:\WINDOWS\system32\wbem
2018-02-14 20:21:36 ----SD---- C:\WINDOWS\system32\lxss
2018-02-14 20:21:36 ----SD---- C:\WINDOWS\system32\F12
2018-02-14 20:21:36 ----D---- C:\WINDOWS\system32\oobe
2018-02-14 20:21:36 ----D---- C:\WINDOWS\system32\migwiz
2018-02-14 20:21:36 ----D---- C:\WINDOWS\system32\migration
2018-02-14 20:21:35 ----D---- C:\WINDOWS\system32\Dism
2018-02-14 20:21:35 ----D---- C:\WINDOWS\system32\Boot
2018-02-14 20:21:35 ----D---- C:\WINDOWS\system32\appraiser
2018-02-14 20:21:23 ----D---- C:\WINDOWS\ShellExperiences
2018-02-14 20:21:23 ----D---- C:\WINDOWS\Provisioning
2018-02-14 20:21:23 ----D---- C:\WINDOWS\PolicyDefinitions
2018-02-14 20:21:19 ----RSD---- C:\WINDOWS\Fonts
2018-02-14 20:21:18 ----D---- C:\WINDOWS\bcastdvr
2018-02-14 20:21:18 ----D---- C:\WINDOWS\apppatch
2018-02-14 20:21:18 ----D---- C:\Windows
2018-02-14 20:21:18 ----D---- C:\Program Files\internet explorer
2018-02-14 20:21:18 ----D---- C:\Program Files (x86)\Internet Explorer
2018-02-14 20:20:53 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-02-14 18:35:17 ----D---- C:\WINDOWS\system32\MRT
2018-02-14 18:10:10 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 18:10:05 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-02-09 19:22:17 ----D---- C:\Intel
2018-02-06 03:49:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-02-04 13:14:48 ----RD---- C:\Program Files (x86)
2018-02-04 13:11:52 ----D---- C:\Program Files (x86)\Google
2018-02-04 13:11:51 ----D---- C:\Program Files\Common Files
2018-02-04 13:11:51 ----D---- C:\Program Files (x86)\Intel

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2012-07-10 179920]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 lxss;@%SystemRoot%\system32\drivers\lxss.sys,-100; C:\WINDOWS\system32\drivers\lxss.sys [2017-12-07 15768]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-09-30 293272]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 DNE;@oem58.inf,%DneLwf_Desc%;DNE LightWeight Filter; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [2013-02-20 119120]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2012-07-10 213416]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-29 152136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2012-03-29 140752]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R3 ApHidfiltrService;@oem34.inf,%HidFilter.SvcDesc%;Alps GlidePoint HID Filter Driver; C:\WINDOWS\system32\DRIVERS\ApHidFiltr.sys [2017-08-22 278528]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 CnxtHdAudService;@oem74.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2017-05-14 1660448]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2016-10-25 72592]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2016-10-25 67984]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2016-10-25 355216]
R3 HID_PCI;@oem53.inf,%HID_PCI%;HID PCI Minidriver for ISS; C:\WINDOWS\System32\drivers\HID_PCI.sys [2016-08-10 31328]
R3 HidEventFilter;@oem0.inf,%HidEventFilter%;Intel(R) HID Event Filter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [2016-08-16 54800]
R3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
R3 hvsocketcontrol;hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [2017-12-07 26112]
R3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
R3 ibtusb;@oem104.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-12-06 136128]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igdkmd64.sys [2017-09-07 12842992]
R3 IntcAudioBus;@oem1.inf,%IntcAudioBus.SVCDESC%;Sběrnice technologie Intel(R) Smart Sound; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [2017-02-22 238176]
R3 IntcDAud;@oem101.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-07-24 825376]
R3 IntcOED;@oem9.inf,%IntcOED.SVCDESC%;Technologie Intel(R) Smart Sound OED; C:\WINDOWS\System32\drivers\IntcOED.sys [2017-02-22 750176]
R3 ISH;@oem16.inf,%TEE_SvcDesc%;Intel(R) Integrated Sensor Solution ; C:\WINDOWS\System32\drivers\ISH.sys [2016-09-19 143984]
R3 ISH_BusDriver;@oem54.inf,%ISH_BusDriver.SVCDESC%; ISS Bus Enumerator; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [2016-08-18 80496]
R3 MEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-12-02 204920]
R3 Netwtw06;@oem103.inf,%NIC_Service_DispName_WINT_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw06.sys [2018-01-25 8623512]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-09-30 126872]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-09-30 158616]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-09-30 143768]
S3 asmthub3;ASMedia USB3.1 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2017-01-13 150904]
S3 asmtxhci;ASMedia XHCI Service; C:\WINDOWS\System32\drivers\asmtxhci.sys [2017-01-13 456568]
S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\basp.sys [2016-07-08 150024]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-09-29 191488]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-09-29 46592]
S3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-02-10 1015296]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\WINDOWS\System32\drivers\CVirtA64.sys [2010-02-08 14992]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2_SPI;Intel(R) Serial IO SPI Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [2016-08-30 151352]
S3 iaLPSS2_UART2;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [2016-08-30 282424]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 lunparser;@%systemroot%\system32\drivers\lunparser.sys,-10010; C:\WINDOWS\system32\drivers\lunparser.sys [2017-12-07 23040]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2018-02-24 253880]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 Netwtw04;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [2017-01-24 7932160]
S3 nhi;Thunderbolt(TM) Controller; C:\WINDOWS\System32\drivers\tbt81x.sys [2016-11-21 129608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\WINDOWS\system32\drivers\passthruparser.sys [2017-12-07 24064]
S3 pcip;@wpcip.inf,%pcip.SVCDESC%;PCI Proxy driver; C:\WINDOWS\System32\drivers\pcip.sys [2017-12-07 48128]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 pvhdparser;@%systemroot%\system32\drivers\pvhdparser.sys,-10010; C:\WINDOWS\system32\drivers\pvhdparser.sys [2017-12-07 51712]
S3 ramparser;@%systemroot%\system32\drivers\ramparser.sys,-10010; C:\WINDOWS\system32\drivers\ramparser.sys [2017-12-07 31744]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 RTSPER;@oem55.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2016-08-05 779232]
S3 RTSUER;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-08-05 418784]
S3 rtsuvc;HP Universal Camera Driver; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2017-09-17 3222016]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-01-17 83984]
R2 ApHidMonitorService;@oem34.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service; C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe [2017-08-22 178776]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BrcmMgmtAgent;Broadcom Management Agent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2014-08-13 215040]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_a0163;Uživatelská služba platformy připojených zařízení_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 com.docker.service;Docker for Windows Service; C:\Program Files\Docker\Docker\com.docker.service [2018-01-14 15872]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe [2017-09-07 613360]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 CxMonSvc;CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [2016-12-20 30840]
R2 CxUtilSvc;CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [2017-02-16 148600]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2012-07-04 999704]
R2 esifsvc;@oem62.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2016-11-09 2211448]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2016-10-07 1309184]
R2 HP Hotkey Service;HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [2017-04-11 966136]
R2 HPMAMSrv;HP MAC Address Manager Service; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [2016-10-28 537592]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-04-07 33640]
R2 ibtsiva;@oem104.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe [2017-09-07 415208]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-12-05 177440]
R2 LanWlanSwitchingService;LAN/WLAN Switching Service; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [2017-04-11 593400]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-12-05 419616]
R2 OneSyncSvc_a0163;Hostitel synchronizace_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-02-10 519144]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe [2017-09-07 397296]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-09-28 43648]
R3 hns;@%systemroot%\system32\HostNetSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-09-28 1077752]
R3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_a0163;Data kontaktů_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-26 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-09-29 52856]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_a0163;Tok zařízení_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2012-07-04 35720]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2012-07-04 190208]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-26 153752]
S3 HgClientService;@%SystemRoot%\System32\hgclientservice.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-10-19 1102560]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-10-13 630048]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 LxssManager;@%systemroot%\system32\lxss\LxssManager.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 6234056]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_a0163;Služba zasílání zpráv_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-10 175048]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_a0163;PrintWorkflow_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-12-07 4329952]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-02-10 819096]

-----------------EOF-----------------

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Scan (Skenovanie) a pockaj na dokoncenie
• Klikni na Clean (Cistenie) a potvrd kliknutim na OK
• AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
• Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

[frantisek.sitner]

Ahoj, asi jsem to pokazil, po restartu na mě nic nevyskočilo. Před restartem ano, ale to jsem si bohužel neuložil Mám to spustit znovu?

[Conder]

Log by mal byt ulozeny v zlozke C:/AdwCleaner pod nazvom AdwCleaner[C0].txt

[frantisek.sitner]

Super díky, tady je

# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 03 12:55:03 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

Deleted: C:\END


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [948 B] - [2018/3/3 12:15:21]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

[Conder]

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

[frantisek.sitner]

Ačkoliv mám FRST64.exe na ploše, tak při spuštění FRSTLauncher mi to řeklo, že tam není, tak jsem spustil scan samotného FRST.

[Conder]

FRST je nutne spustit pod administratorskym uctom.

[frantisek.sitner]

Omlouvám se, měl jsem za to že jsem to spouštěl jako administrator, teď by to již mělo být v pořádku.

[Conder]

V PC su nainstalovane zastarale verzie Javy, ktore odporucam odinstalovat:

• Java 8 Update 111
  Java 8 Update 131

Ak Javu potrebujes, nainstaluj aktualnu verziu - Java 8 Update 161 - https://java.com/en/download/

Tieto riadky mas v hosts nastavene umyselne?

127.0.0.1 cms
127.0.0.1 skolapropsy
127.0.0.1 atomic-file.localhost
127.0.0.1 di.localhost
127.0.0.1 ladygong.localhost

Poznas tento program?

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2017-12-08]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()

[frantisek.sitner]

Děkuji, novou Javu jsem nainstaloval a starou odinstaloval. Potřebuji ji pro běh IDE.

Ano v hosts mám tyto záznamy schválně, mám lokální webový server.

Ten vpngui je program Cisco vpn client, kterým se připojuji do pracovní vpnky.

[Conder]

OK. Inak vyzera to ciste, len precistime zopar zbytocnosti.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  ExportKey: HKLM\SOFTWARE\Policies\Google
  HKLM-x32\...\RunOnce: [{8060a69f-ee27-444b-b126-775f861232ea}] => C:\ProgramData\Package Cache\{8060a69f-ee27-444b-b126-775f861232ea}\Setup.exe [1668128 2018-01-13] (Intel Corporation) <==== ATTENTION
  HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
  2018-03-03 16:58 - 2018-03-03 16:58 - 000015327 _____ C:\Users\sitnefr1-locadm\Desktop\LM.bat
  2018-03-03 16:57 - 2018-03-03 16:28 - 000112640 _____ (forum.viry.cz) C:\Users\Franta\Desktop\FRSTLauncher.exe
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[frantisek.sitner]

Fix result of Farbar Recovery Scan Tool (x64) Version: 28.02.2018
Ran by sitnefr1-locadm (03-03-2018 18:23:08) Run:1
Running from C:\Users\Franta\Desktop
Loaded Profiles: sitnefr1-locadm & Franta (Available Profiles: sitnefr1-locadm & Franta & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKLM\SOFTWARE\Policies\Google
HKLM-x32\...\RunOnce: [{8060a69f-ee27-444b-b126-775f861232ea}] => C:\ProgramData\Package Cache\{8060a69f-ee27-444b-b126-775f861232ea}\Setup.exe [1668128 2018-01-13] (Intel Corporation) <==== ATTENTION
HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
2018-03-03 16:58 - 2018-03-03 16:58 - 000015327 _____ C:\Users\sitnefr1-locadm\Desktop\LM.bat
2018-03-03 16:57 - 2018-03-03 16:28 - 000112640 _____ (forum.viry.cz) C:\Users\Franta\Desktop\FRSTLauncher.exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Google]
[HKLM\SOFTWARE\Policies\Google\Chrome]
[HKLM\SOFTWARE\Policies\Google\Chrome\EnabledPlugins]
"1"="HP Client Security Manager"
[HKLM\SOFTWARE\Policies\Google\Update]
"UpdateDefault"="1"

=== End of ExportKey ===
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\{8060a69f-ee27-444b-b126-775f861232ea}" => removed successfully
"HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Report" => removed successfully
C:\Users\sitnefr1-locadm\Desktop\LM.bat => moved successfully
C:\Users\Franta\Desktop\FRSTLauncher.exe => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2104856 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 197172171 B
Edge => 9216 B
Chrome => 56110943 B
Firefox => 0 B
Opera => 1114848 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 76706 B
NetworkService => 0 B
sitnefr1-locadm => 223790090 B
Franta => 137910144 B
Administrator => 39140 B
pdqdeploy => 10252 B
sitnefr1 => 243472 B

RecycleBin => 15983 B
EmptyTemp: => 597.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:23:59 ====

[Conder]

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

Skontroluj velkost plochy (C:\Users\Franta\Desktop a C:\Users\sitnefr1-locadm\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.