Prosím o preventivku

[kubi04]

Zdravím, prosím o preventivku.
Mám sice podezření na vadný zdroj, ale zase si začala bedna dělat svoje a ani po aktualizaci woken na v.2004, se to nevyřešilo na 100%.
Prostě si někdy začne využívat(ždímat by bylo přesnější) GK na 100% bez nějakého rozumného důvodu, občas se restartovala jen aby se neřeklo.Díky
(jen tak pro info: od jarní korona-situace, jsem pomáhal přes https://foldingathome.org/start-folding/ ,teď mám pauzu na chvíli, tak snad jsem tu moji chudinku moc nezadřel )

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-06-2020
# Duration: 00:00:15
# OS: Windows 10 Home
# Scanned: 31837
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[kubi04]

Logfile of random's system information tool 1.10 (written by random/random)
Run by kouba at 2020-08-06 13:48:34
Microsoft Windows 10 Home
System drive C: has 39 GB (34%) free of 114 GB
Total RAM: 16327 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:48:35, on 6.8.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
D:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files\trend micro\kouba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.52\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [WDDriveAgent] C:\Program Files (x86)\Western Digital\WD Drive Agent\WDDriveAgent.exe
O4 - HKLM\..\Run: [WDDiscovery] C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe --autolaunch
O4 - HKLM\..\Run: [Leonvo Legion Startup] C:\Program Files (x86)\Lenovo\Lenovo Legion\legion_haw.exe --service
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = g
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = g
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O21 - SSODL: WDFSMountNotificator-wdfsconnect2017 - {17A98444-201F-4DBA-871B-E6D35C1F8B53} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {17A98444-201F-4DBA-871B-E6D35C1F8B53} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_4edc2 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.105\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11231 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-376ee909-e4cb-4f80-ba9d-5ecc7440a0f0 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9d8cc723-7e99-46d9-86df-9e1f20fe2147 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-655a288d-7ee6-463a-bbaa-0f63ce9ea98f -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b50689f7-94d5-4496-8f7b-ed4258a8269a -LifetimeId:59903e65-e07a-4aca-b8da-6e7effea0bed -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-cc047f46-4618-44fa-97a3-e81960407b19 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-566c3567-de85-4c6a-8352-7e71224142cb -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-66748be7-d7ab-4f2e-80c7-28907dcf5f84 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-149d8be6-821a-4e07-b131-95ad7496f615 -LifetimeId:da7a8c20-2d73-4b1b-9880-3a34d393b68d -DeviceGroupId:WpdFsGroup -HostArg:0
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p

C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\NVIDIA\DisplaySessionContainer%d.log -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
dashost.exe {c73a0e76-01f0-4c8e-8e547694fd8bc76e}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\system32\svchost.exe -k apphost -s AppHostSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe"
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Wecsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20071.95.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\AUDIODG.EXE 0x660
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\ESET\ESET Smart Security\eguiproxy.exe" /hide
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2007.24723.0_x64__8wekyb3d8bbwe\Cortana.exe" -ServerName:App.AppX2y379sjp88wjq1y80217mddj3fargf2y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k AarSvcGroup -p -s AarSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe -Embedding
-BootProc
"C:\Program Files (x86)\Lenovo\Lenovo Legion\legion_haw.exe" --service
-BootProc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe" -ServerName:App.AppX2m6wj6jceb8yq7ppx1b3drf7yy51ha6f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"D:\Program Files (x86)\Winamp\winamp.exe"

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4668.0.190637880\47321322" -parentBuildID 20200720193547 -prefsHandle 1692 -prefMapHandle 1684 -prefsLen 1 -prefMapSize 243272 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4668 "\\.\pipe\gecko-crash-server-pipe.4668" 1772 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4668.13.763616845\1619681261" -childID 2 -isForBrowser -prefsHandle 4672 -prefMapHandle 4668 -prefsLen 6551 -prefMapSize 243272 -parentBuildID 20200720193547 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4668 "\\.\pipe\gecko-crash-server-pipe.4668" 4680 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4668.20.795790904\1551962579" -childID 3 -isForBrowser -prefsHandle 5340 -prefMapHandle 5324 -prefsLen 7387 -prefMapSize 243272 -parentBuildID 20200720193547 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4668 "\\.\pipe\gecko-crash-server-pipe.4668" 5004 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4668.27.1717484519\1715019362" -childID 4 -isForBrowser -prefsHandle 5408 -prefMapHandle 5636 -prefsLen 7387 -prefMapSize 243272 -parentBuildID 20200720193547 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4668 "\\.\pipe\gecko-crash-server-pipe.4668" 5604 tab
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4668.48.754421331\2130123192" -childID 7 -isForBrowser -prefsHandle 10032 -prefMapHandle 2216 -prefsLen 7774 -prefMapSize 243272 -parentBuildID 20200720193547 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4668 "\\.\pipe\gecko-crash-server-pipe.4668" 4504 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4668.55.946559801\756228284" -childID 8 -isForBrowser -prefsHandle 9720 -prefMapHandle 4868 -prefsLen 7774 -prefMapSize 243272 -parentBuildID 20200720193547 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4668 "\\.\pipe\gecko-crash-server-pipe.4668" 5000 tab
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\log.txt


"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1384008443-1613463805-864836974-10005_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1384008443-1613463805-864836974-10005 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 796 800 808 8192 804 780
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\kouba\Desktop\RSITx64(1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\kouba\AppData\Roaming\Mozilla\Firefox\Profiles\8cxbsnre.default-1510941565429

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.403 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.10]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.403 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
npPDFXCviewNPPlugin.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.52\BHO\ie_to_edge_bho_64.dll [2020-08-01 488344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.52\BHO\ie_to_edge_bho.dll [2020-08-01 384920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-08-12 8492800]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [2020-07-31 185648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2020-07-09 29262520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GalaxyClient]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2013-12-27 570880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2020-06-23 2754024]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2013-12-27 570880]
"WDDriveAgent"=C:\Program Files (x86)\Western Digital\WD Drive Agent\WDDriveAgent.exe [2018-03-26 2379096]
"WDDiscovery"=C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [2019-09-21 81376496]
"Leonvo Legion Startup"=C:\Program Files (x86)\Lenovo\Lenovo Legion\legion_haw.exe [2019-10-24 1107640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WDFSMountNotificator-wdfsconnect2017 - {17A98444-201F-4DBA-871B-E6D35C1F8B53} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10 180224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {17A98444-201F-4DBA-871B-E6D35C1F8B53} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10 180224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"aux1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-08-06 13:48:34 ----D---- C:\rsit
2020-08-01 21:30:08 ----D---- C:\WINDOWS\LastGood.Tmp
2020-08-01 21:29:05 ----A---- C:\WINDOWS\system32\drivers\nvhdap64.dll
2020-08-01 21:25:48 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-01 21:25:48 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\OpenCL.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\nvml.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\nvidia-smi.exe
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\nvdebugdump.exe
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\nvcuda.dll
2020-08-01 21:25:47 ----A---- C:\WINDOWS\system32\MCU.exe
2020-08-01 21:22:34 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2020-08-01 21:22:09 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2020-08-01 21:22:09 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2020-08-01 21:22:09 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2020-08-01 21:22:09 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-08-01 21:22:09 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-08-01 21:22:09 ----A---- C:\WINDOWS\system32\nvcpl.dll
2020-08-01 21:22:09 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2020-08-01 21:22:09 ----A---- C:\WINDOWS\system32\nvapi64.dll
2020-08-01 21:17:48 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2020-08-01 21:17:48 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2020-08-01 21:17:48 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2020-08-01 21:17:44 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2020-08-01 21:17:43 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2020-08-01 21:17:43 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2020-08-01 21:17:41 ----A---- C:\WINDOWS\system32\WdfCoInstaller01011.dll
2020-08-01 21:17:41 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2020-08-01 21:17:41 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2020-08-01 21:17:41 ----A---- C:\WINDOWS\system32\drivers\NvModuleTracker.sys
2020-07-30 14:52:50 ----D---- C:\Program Files\Common Files\SpeechEngines
2020-07-30 14:51:56 ----AS---- C:\WINDOWS\bootstat.dat
2020-07-30 14:51:25 ----D---- C:\WINDOWS\system32\Microsoft
2020-07-30 14:51:25 ----D---- C:\WINDOWS\ServiceProfiles
2020-07-30 14:50:41 ----D---- C:\ProgramData\ssh
2020-07-30 14:48:43 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2020-07-30 14:48:43 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2020-07-30 14:48:43 ----A---- C:\WINDOWS\SYSWOW64\FXSCOMEX.dll
2020-07-30 14:48:43 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\SYSWOW64\ConsoleLogon.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\wmp.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\wbengine.exe
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\wbadmin.exe
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\TSSessionUX.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\msra.exe
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\fveapibase.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\fveapi.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\BdeUISrv.exe
2020-07-30 14:48:42 ----A---- C:\WINDOWS\system32\bdesvc.dll
2020-07-30 14:48:41 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2020-07-30 14:48:41 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-07-30 14:48:41 ----A---- C:\WINDOWS\system32\WalletService.dll
2020-07-30 14:48:41 ----A---- C:\WINDOWS\system32\notepad.exe
2020-07-30 14:48:41 ----A---- C:\WINDOWS\system32\cdp.dll
2020-07-30 14:48:41 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2020-07-30 14:48:41 ----A---- C:\WINDOWS\notepad.exe
2020-07-30 14:48:40 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2020-07-30 14:48:39 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2020-07-30 14:48:39 ----A---- C:\WINDOWS\system32\APHostService.dll
2020-07-30 14:48:39 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\WMNetMgr.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\wmidx.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mswmdm.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\MSFlacEncoder.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\MSAudDecMFT.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\HoloShellRuntime.dll
2020-07-30 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\MixedReality.Broker.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\HoloSHExtensions.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\HolographicRuntimes.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2020-07-30 14:48:35 ----A---- C:\WINDOWS\system32\Analog.Shell.Broker.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\WMNetMgr.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\wmidx.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\winmde.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mswmdm.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\MSFlacEncoder.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mfsvr.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mfplat.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mfmjpegdec.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\mfds.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2020-07-30 14:48:34 ----A---- C:\WINDOWS\system32\DMRServer.dll
2020-07-30 14:48:33 ----A---- C:\WINDOWS\SYSWOW64\PhotoScreensaver.scr
2020-07-30 14:48:33 ----A---- C:\WINDOWS\SYSWOW64\mqoa.dll
2020-07-30 14:48:33 ----A---- C:\WINDOWS\system32\PhotoScreensaver.scr
2020-07-30 14:48:33 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2020-07-30 14:48:33 ----A---- C:\WINDOWS\system32\mqoa.dll
2020-07-30 14:48:33 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-07-30 14:48:33 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2020-07-30 14:48:33 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-07-30 14:48:33 ----A---- C:\WINDOWS\system32\mf.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\wvc.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\wkspbrokerAx.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\WinSATAPI.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\wavemsp.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\VAN.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\termmgr.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\tapisrv.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\tapi3.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\SecurityCenterBrokerPS.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\psisdecd.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\PrintWSDAHost.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\devenum.dll
2020-07-30 14:48:31 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\WlanMM.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\mmcndmgr.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\mmc.exe
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\cic.dll
2020-07-30 14:48:30 ----A---- C:\WINDOWS\SYSWOW64\cdosys.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\wiatrace.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\wiadss.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\wiaaut.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\upnphost.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\upnpcont.exe
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\udhisapi.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\sti.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\srumsvc.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\srumapi.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiverExt.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\imapi2fs.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\imapi2.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\imapi.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\iassdo.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\iasrecst.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\iasnap.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\iasads.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\fdWSD.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\fdSSDP.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\dialclient.dll
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\dfrgui.exe
2020-07-30 14:48:29 ----A---- C:\WINDOWS\SYSWOW64\azroles.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\wkspbrokerAx.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\WinSATAPI.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\WinSAT.exe
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\VAN.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\tsmf.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\tsgqec.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\termsrv.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\sysmain.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\SrTasks.exe
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\srrstr.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\srcore.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\Spectrum.exe
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\rstrui.exe
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\recdisc.exe
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\RdpRelayTransport.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\rdbui.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\qedit.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\psisdecd.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\ProvSysprep.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\icsvcext.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\FileHistory.exe
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\DiagSvc.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-07-30 14:48:27 ----A---- C:\WINDOWS\system32\CPFilters.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\wvc.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\wsp_health.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\WlanMM.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\wavemsp.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\termmgr.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\tapisrv.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\tapi3.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\systemreset.exe
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\reseteng.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\rdpudd.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\rdpencom.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\rdpcore.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\rdpclip.exe
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\quartz.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\qdvd.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\PrintWSDAHost.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\odbcconf.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\nshwfp.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\nltest.exe
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\msTextPrediction.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\msimsg.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\msi.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\mmc.exe
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\LocationApi.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\FsIso.exe
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\devenum.dll
2020-07-30 14:48:26 ----A---- C:\WINDOWS\system32\cic.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\jscript9.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-07-30 14:48:25 ----A---- C:\WINDOWS\system32\cdosys.dll
2020-07-30 14:48:24 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2020-07-30 14:48:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-07-30 14:48:24 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2020-07-30 14:48:23 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2020-07-30 14:48:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\wsecedit.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\WinHvPlatform.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\WinHvEmulation.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\wiatrace.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\wiaservc.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\wiarpc.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\wiadss.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\wiaaut.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\werui.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\werconcpl.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\StorSvc.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\sti_ci.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\sti.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\mshtmled.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\MiracastReceiverExt.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\jscript.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\imapi2.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\imapi.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\iassdo.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\iasrecst.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\iasnap.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\iasads.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\fdWSD.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\easwrt.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\dxtrans.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\dialserver.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\dialclient.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\dfrgui.exe
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\defragsvc.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\Defrag.exe
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\DataExchangeHost.exe
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\ConsentUxClient.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\computestorage.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\computecore.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\ClipUp.exe
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\CBDHSvc.dll
2020-07-30 14:48:22 ----A---- C:\WINDOWS\system32\azroles.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\upnphost.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\upnpcont.exe
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\udhisapi.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\SgrmBroker.exe
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\securekernel.exe
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\sdshext.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\sdengin2.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\sdclt.exe
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\resutils.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\NgcIsoCtnr.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\NgcIso.exe
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\hvloader.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\fdSSDP.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\diagperf.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\clusapi.dll
2020-07-30 14:48:21 ----A---- C:\WINDOWS\system32\CIDiag.exe
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\spwizeng.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\scrrun.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\scecli.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\rtmpltfm.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\rtmpal.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\rtmmvrortc.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\rtmcodecs.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\rdpviewerax.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\printui.exe
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\ortcengine.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\findnetprinters.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\WwanRadioManager.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\wwanmm.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\srumsvc.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\srumapi.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\DataUsageHandlers.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\csplte.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\CfgSPCellular.dll
2020-07-30 14:48:20 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\xpsservices.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\PrintWorkflowService.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\PrintWorkflowProxy.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\Print.Workflow.Source.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\nlmsprep.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\nlmproxy.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\netprofm.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\msaatext.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\MrmIndexer.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\KBDJPN.DLL
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\kbd106n.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\kbd106.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\kbd101.DLL
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\compstui.dll
2020-07-30 14:48:19 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\windowsperformancerecordercontrol.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Profile.RetailInfo.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\WerEnc.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Websocket.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\wdigest.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\sethc.exe
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\PickerPlatform.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\msimg32.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\EaseOfAccessDialog.exe
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\DismApi.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\Dism.exe
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\cryptui.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2020-07-30 14:48:18 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Diagnostics.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Management.Workplace.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Devices.Sensors.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.AI.MachineLearning.Preview.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\vaultcli.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\msxml6r.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2020-07-30 14:48:17 ----A---- C:\WINDOWS\SYSWOW64\CapabilityAccessManagerClient.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\wpnclient.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.SystemManagement.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.Compression.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Energy.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SerialCommunication.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\DiagnosticInvoker.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\coreglobconfig.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollCtrl.exe
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2020-07-30 14:48:16 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\WindowManagementAPI.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\TextShaping.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\TaskApis.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\socialapis.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\rdpsharercom.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\PhoneOm.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\PeopleAPIs.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\mscms.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\mbussdapi.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\LicenseManagerApi.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\InkObjCore.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\icm32.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\coloradapterclient.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2020-07-30 14:48:15 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Perception.Stub.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Ocr.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.FaceAnalysis.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Preview.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.Phone.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\windows.applicationmodel.datatransfer.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\useractivitybroker.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\ResourcePolicyClient.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\gamingtcui.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\ffbroker.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\CameraCaptureUI.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\AppExtension.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\ApiSetHost.AppExecutionAlias.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2020-07-30 14:48:14 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Printers.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Haptics.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\SystemUWPLauncher.exe
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\ExecModelClient.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\DataExchange.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRClient.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRBroker.dll
2020-07-30 14:48:13 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\windows.internal.shellcommon.AccountsControlExperience.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\VoipRT.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\SystemSettings.DataModel.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\slcext.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\oleprn.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\InkEd.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\CoreShellAPI.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\BTAGService.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\atl.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntimewindows.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntime.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\SYSWOW64\AarSvc.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\system32\spwizres.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\system32\spwizeng.dll
2020-07-30 14:48:12 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\TSpkg.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\rtmpltfm.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\rtmpal.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\rtmmvrortc.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\rtmcodecs.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\pku2u.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\ortcengine.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\efswrt.dll
2020-07-30 14:48:11 ----A---- C:\WINDOWS\system32\credssp.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\vpnike.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\shell32.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\scrrun.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\scecli.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\rdpviewerax.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\RASMM.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\rasdlg.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\icsunattend.exe
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-07-30 14:48:10 ----A---- C:\WINDOWS\system32\comdlg32.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\xpsservices.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\UIMgrBroker.exe
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\UIManagerBrokerps.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\tcpmon.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\sxssrv.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\sppsvc.exe
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\sppcext.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\slcext.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\schedsvc.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_IME.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_Fonts.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\rtutils.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\rasapi32.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\puiobj.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\puiapi.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\PrintWorkflowService.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\PrintWorkflowProxy.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\printui.exe
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\npmproxy.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\nlasvc.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\nlaapi.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\NetworkStatus.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\netshell.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\netprofm.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\ncsi.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\msaatext.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\InkEd.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\findnetprinters.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\Family.Client.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\Family.Authentication.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\compstui.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\AudioHandlers.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\APMon.dll
2020-07-30 14:48:09 ----A---- C:\WINDOWS\system32\AboutSettingsHandlers.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\wlidcli.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\wininet.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\urlmon.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\MrmIndexer.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\lpremove.exe
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\lpksetup.exe
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\LockScreenData.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\LockHostingFramework.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\LockController.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\KBDJPN.DLL
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\kbd106n.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\kbd106.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\kbd101.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\jsproxy.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\edgeIso.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\DismApi.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\AxInstUI.exe
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\AxInstSv.dll
2020-07-30 14:48:08 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\wuuhext.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\winsrvext.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\usermgr.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\tdh.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\t2embed.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\msimg32.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\msctf.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\mf3216.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\lpk.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\LogonController.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\LocationFrameworkPS.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\gpsvc.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\gpapi.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\Geolocation.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\fontsub.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\Dism.exe
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\dciman32.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\DAMM.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\cryptui.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\cryptcatsvc.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\credprovs.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2020-07-30 14:48:07 ----A---- C:\WINDOWS\system32\configmanager2.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\wpr.exe
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\winhttp.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\wersvc.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\WerFault.exe
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\weretw.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\WerEnc.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\wer.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\Websocket.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\schannel.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\sechost.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\RpcEpMap.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\oleaut32.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\ntdll.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\msv1_0.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\keyiso.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\Faultrep.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\drivers\WdfLdr.sys
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\diagnosticdataquery.dll
2020-07-30 14:48:06 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\WinTypes.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\wincorlib.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\wimserv.exe
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\wimgapi.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\wdigest.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\tzres.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\rpcss.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\profsvc.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\ole32.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\dcomp.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\crypt32.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\ConhostV1.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\conhost.exe
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\comsvcs.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\combase.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\ci.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\CaptureService.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\browserbroker.dll
2020-07-30 14:48:05 ----A---- C:\WINDOWS\system32\aepic.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\winresume.exe
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\winload.exe
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\SwitcherDataModel.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\SRH.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\sethc.exe
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Narrator.exe
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\MtcModel.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\Magnify.exe
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\invagent.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\EoAExperiences.exe
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\CredDialogBroker.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\ConstraintIndex.Search.dll
2020-07-30 14:48:04 ----A---- C:\WINDOWS\system32\clfsw32.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\wow64win.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\wow64.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\ReAgent.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\QuietHours.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\NotificationController.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2020-07-30 14:48:03 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\wups2.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\wups.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\wuaueng.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\wuauclt.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\wuapi.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\VSSVC.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\UsoClient.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\usoapi.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\upshared.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\swprv.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_OptionalFeatures.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\PickerPlatform.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\PeopleBand.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\MusNotification.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-07-30 14:48:02 ----A---- C:\WINDOWS\system32\AppResolver.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\SensorService.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\daxexec.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\container.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2020-07-30 14:48:01 ----A---- C:\WINDOWS\system32\bindfltapi.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\WwaApi.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\wpnprv.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\wpncore.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\wpnclient.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\wpnapps.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\windows.storage.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\WindowManagementAPI.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\WindowManagement.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\win32u.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\win32k.sys
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\user32.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\rdpbase.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\psmsrv.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\profext.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\coreglobconfig.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\BCP47Langs.dll
2020-07-30 14:48:00 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\Windows.Payments.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\UserDataService.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\TDLMigration.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\TaskApis.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\storewuauth.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\socialapis.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\rdpsharercom.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\PushToInstall.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\PhoneOm.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\PeopleAPIs.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\NPSM.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\moshostcore.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\mbussdapi.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\mbsmsapi.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\MapsStore.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\MapRouter.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\MapGeocoder.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\LicenseManagerApi.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\ISM.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\InputHost.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\ChatApis.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\EmailApis.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\ContactApis.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\BingMaps.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2020-07-30 14:47:59 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\Windows.Graphics.Display.DisplayEnhancementOverride.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\tquery.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\TextShaping.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\mssph.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\mscms.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\InkObjCore.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\icm32.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\HeatCore.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\dxgiadaptercache.exe
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\directxdatabaseupdater.exe
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\d3d9on12.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\d3d11on12.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2020-07-30 14:47:58 ----A---- C:\WINDOWS\system32\coloradapterclient.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\SEMgrSvc.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\NfcRadioMedia.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\FntCache.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\DWrite.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\domgmt.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\ddisplay.dll
2020-07-30 14:47:57 ----A---- C:\WINDOWS\system32\d2d1.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Storage.Compression.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\vaultcli.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\msxml6r.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\msxml6.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\D3D12.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\cdd.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-07-30 14:47:54 ----A---- C:\WINDOWS\system32\bisrv.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Energy.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\useractivitybroker.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\smartscreen.exe
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\ResourcePolicyServer.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\ResourcePolicyClient.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\qmgr.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\CameraCaptureUI.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-07-30 14:47:53 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\wlidprov.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\UiaManager.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\gamingtcui.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\GameInput.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\ffbroker.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\dstokenclean.exe
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\dssvc.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\AppExtension.dll
2020-07-30 14:47:52 ----A---- C:\WINDOWS\system32\AppContracts.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\windowsudk.shellcommon.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\Windows.Devices.Printers.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\SystemUWPLauncher.exe
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\ShareHost.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\msftedit.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\kernel32.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\ExecModelClient.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\DataExchange.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\CoreShellAPI.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\cdprt.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\BcastDVRClient.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\BcastDVRBroker.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\authui.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\atlthunk.dll
2020-07-30 14:47:51 ----A---- C:\WINDOWS\system32\atl.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wlansvc.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wlansec.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\WlanRadioManager.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wlanapi.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wksprt.exe
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\WindowsInternal.ComposableShell.ComposerFramework.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\Windows.Internal.Signals.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\windows.internal.shellcommon.AccountsControlExperience.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wifitask.exe
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wfdprov.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\UtcDecoderHost.exe
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\usbmon.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\twinui.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\twinapi.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\SystemSettingsBroker.exe
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\StartTileData.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\SettingsHandlers_Accessibility.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\provcore.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\localui.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\dot3mm.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\CoreShell.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\system32\ComposerFramework.dll
2020-07-30 14:47:50 ----A---- C:\WINDOWS\explorer.exe
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\WpcMon.exe
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\WpcApi.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\Wpc.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\win32spl.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\spoolsv.exe
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\secproc_isv.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\provtool.exe
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\provpackageapidll.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\provops.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\provhandlers.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\provengine.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\provdatastore.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\oleprn.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\netman.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\localspl.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\EapTeapAuth.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-07-30 14:47:49 ----A---- C:\WINDOWS\system32\ApproveChildRequest.exe
2020-07-30 14:47:49 ----A---- C:\WINDOWS\splwow64.exe
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\XblGameSaveTask.exe
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\wwansvc.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\VoipRT.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\vac.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\umpo.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\SpatializerApo.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\PhoneService.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\MitigationClient.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\lpasvc.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\DTUHandler.exe
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\drivers\KNetPwrDepBroker.sys
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\CoreMas.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\BthAvrcp.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\BthAvctpSvc.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\BTAGService.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2020-07-30 14:47:48 ----A---- C:\WINDOWS\system32\AarSvc.dll
2020-07-30 14:47:47 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2020-07-30 14:47:47 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2020-07-30 14:47:47 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2020-07-30 14:47:47 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2020-07-30 14:47:47 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2020-07-30 14:47:47 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2020-07-30 14:47:47 ----A---- C:\WINDOWS\system32\drivers\HdAudio.sys
2020-07-30 14:44:49 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2020-07-30 14:44:49 ----A---- C:\WINDOWS\system32\prm0009.dll
2020-07-30 14:44:49 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2020-07-30 14:44:49 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2020-07-30 14:43:35 ----A---- C:\WINDOWS\SYSWOW64\XPSSHHDR.dll
2020-07-30 14:43:35 ----A---- C:\WINDOWS\SYSWOW64\XpsFilt.dll
2020-07-30 14:43:35 ----A---- C:\WINDOWS\system32\XPSSHHDR.dll
2020-07-30 14:43:35 ----A---- C:\WINDOWS\system32\XpsFilt.dll
2020-07-30 14:39:45 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2020-07-30 14:39:45 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2020-07-30 14:39:45 ----D---- C:\WINDOWS\system32\msmq
2020-07-30 14:39:44 ----D---- C:\WINDOWS\system32\BestPractices
2020-07-30 14:39:44 ----D---- C:\Program Files\Reference Assemblies
2020-07-30 14:39:44 ----D---- C:\Program Files\MSBuild
2020-07-30 14:39:44 ----D---- C:\Program Files (x86)\Reference Assemblies
2020-07-30 14:39:44 ----D---- C:\Program Files (x86)\MSBuild
2020-07-30 14:39:44 ----D---- C:\inetpub
2020-07-30 14:39:31 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2020-07-30 14:39:31 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2020-07-30 14:39:30 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-07-30 14:39:28 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2020-07-30 14:39:28 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-07-30 14:39:28 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-07-30 14:39:15 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-07-30 14:39:15 ----A---- C:\WINDOWS\system32\poqexec.exe
2020-07-30 14:06:09 ----D---- C:\ProgramData\Microsoft OneDrive
2020-07-30 14:04:01 ----SHD---- C:\Recovery
2020-07-30 13:58:25 ----ASH---- C:\hiberfil.sys
2020-07-30 13:57:31 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2020-07-30 13:56:46 ----SD---- C:\Users\kouba\AppData\Roaming\Microsoft
2020-07-30 13:56:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-30 13:55:15 ----D---- C:\WINDOWS\system32\SleepStudy
2020-07-30 13:55:15 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2020-07-30 13:55:13 ----D---- C:\WINDOWS\Prefetch
2020-07-30 09:30:38 ----DC---- C:\WINDOWS\Panther
2020-07-30 09:18:44 ----HD---- C:\$WinREAgent
2020-07-14 14:27:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2020-07-13 14:38:40 ----D---- C:\ProgramData\Ubisoft
2020-07-10 14:02:54 ----D---- C:\Program Files (x86)\Mozilla Firefox

[kubi04]

======List of files/folders modified in the last 1 month======

2020-08-06 13:48:35 ----D---- C:\Program Files\trend micro
2020-08-06 13:43:59 ----D---- C:\WINDOWS\Temp
2020-08-06 13:29:38 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-08-06 13:22:07 ----D---- C:\WINDOWS\System32
2020-08-06 13:22:07 ----D---- C:\WINDOWS\INF
2020-08-06 13:22:02 ----HD---- C:\Program Files\WindowsApps
2020-08-06 13:16:38 ----D---- C:\ProgramData\NVIDIA
2020-08-06 13:14:36 ----AD---- C:\Program Files (x86)\TeamViewer
2020-08-06 13:14:07 ----D---- C:\WINDOWS\system32\sru
2020-08-06 13:04:50 ----D---- C:\WINDOWS\system32\Tasks
2020-08-06 12:27:34 ----D---- C:\Users\kouba\AppData\Roaming\vlc
2020-08-05 21:12:50 ----D---- C:\Users\kouba\AppData\Roaming\SolSuite
2020-08-05 16:42:41 ----RD---- C:\WINDOWS\Microsoft.NET
2020-08-05 11:22:52 ----D---- C:\WINDOWS\AppReadiness
2020-08-04 17:47:39 ----D---- C:\Users\kouba\AppData\Roaming\RenPy
2020-08-02 14:47:56 ----SHD---- C:\System Volume Information
2020-08-02 14:47:50 ----D---- C:\WINDOWS\system32\restore
2020-08-02 14:47:50 ----D---- C:\WINDOWS\Logs
2020-08-02 09:58:59 ----A---- C:\WINDOWS\GPU-Z.INI
2020-08-02 09:44:49 ----D---- C:\WINDOWS\system32\LogFiles
2020-08-01 21:31:40 ----D---- C:\WINDOWS\system32\drivers
2020-08-01 21:31:33 ----D---- C:\Windows
2020-08-01 21:31:20 ----D---- C:\WINDOWS\system32\catroot2
2020-08-01 21:30:17 ----D---- C:\WINDOWS\system32\DriverStore
2020-08-01 21:30:15 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2020-08-01 21:30:13 ----D---- C:\ProgramData\NVIDIA Corporation
2020-08-01 21:30:10 ----D---- C:\WINDOWS\SysWOW64
2020-08-01 21:29:13 ----D---- C:\Program Files\NVIDIA Corporation
2020-08-01 21:23:03 ----D---- C:\ProgramData\Packages
2020-08-01 21:22:41 ----HD---- C:\ProgramData
2020-08-01 21:16:53 ----D---- C:\WINDOWS\system32\config
2020-08-01 21:03:17 ----D---- C:\WINDOWS\WinSxS
2020-08-01 20:56:15 ----D---- C:\WINDOWS\CbsTemp
2020-07-31 14:12:25 ----RD---- C:\WINDOWS\assembly
2020-07-31 08:58:04 ----D---- C:\Program Files (x86)\ASUS
2020-07-31 08:58:01 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2020-07-31 08:57:57 ----D---- C:\ProgramData\ASUS
2020-07-31 08:54:16 ----D---- C:\WINDOWS\appcompat
2020-07-31 08:46:01 ----D---- C:\WINDOWS\LiveKernelReports
2020-07-30 17:59:17 ----D---- C:\WINDOWS\system32\WDI
2020-07-30 14:54:54 ----SD---- C:\WINDOWS\SYSWOW64\F12
2020-07-30 14:54:54 ----RSD---- C:\WINDOWS\Fonts
2020-07-30 14:54:54 ----D---- C:\WINDOWS\twain_32
2020-07-30 14:54:54 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-07-30 14:54:54 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2020-07-30 14:54:54 ----D---- C:\WINDOWS\SYSWOW64\IME
2020-07-30 14:54:54 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-07-30 14:54:54 ----D---- C:\WINDOWS\SYSWOW64\drivers
2020-07-30 14:54:54 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-07-30 14:54:54 ----D---- C:\WINDOWS\system32\WinBioDatabase
2020-07-30 14:54:54 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2020-07-30 14:54:54 ----D---- C:\WINDOWS\system32\drivers\etc
2020-07-30 14:54:53 ----SD---- C:\WINDOWS\system32\F12
2020-07-30 14:54:53 ----HDC---- C:\WINDOWS\Installer
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\zh-HK
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\SPReview
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\spool
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\NDF
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\migration
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\Macromed
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\IME
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\EventProviders
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\en-US
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2020-07-30 14:54:53 ----D---- C:\WINDOWS\system32\cs-CZ
2020-07-30 14:54:53 ----D---- C:\WINDOWS\schemas
2020-07-30 14:54:53 ----D---- C:\WINDOWS\ShellNew
2020-07-30 14:54:53 ----D---- C:\WINDOWS\ShellExperiences
2020-07-30 14:54:53 ----D---- C:\WINDOWS\ServiceState
2020-07-30 14:54:52 ----SHD---- C:\Program Files\Windows Sidebar
2020-07-30 14:54:52 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2020-07-30 14:54:52 ----RD---- C:\Program Files (x86)
2020-07-30 14:54:52 ----RD---- C:\Program Files
2020-07-30 14:54:52 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2020-07-30 14:54:52 ----D---- C:\WINDOWS\system32\MsDtc
2020-07-30 14:54:52 ----D---- C:\Program Files\Internet Explorer
2020-07-30 14:54:52 ----D---- C:\Program Files\Common Files\microsoft shared
2020-07-30 14:54:52 ----D---- C:\Program Files\Common Files
2020-07-30 14:54:52 ----D---- C:\Program Files (x86)\Microsoft.NET
2020-07-30 14:54:52 ----D---- C:\Program Files (x86)\Common Files
2020-07-30 14:54:52 ----AD---- C:\Program Files\UNP
2020-07-30 14:54:52 ----AD---- C:\Program Files\Intel
2020-07-30 14:54:45 ----D---- C:\WINDOWS\Setup
2020-07-30 14:53:07 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2020-07-30 14:52:56 ----D---- C:\WINDOWS\Resources
2020-07-30 14:52:54 ----D---- C:\WINDOWS\Help
2020-07-30 14:52:54 ----D---- C:\WINDOWS\ehome
2020-07-30 14:52:51 ----D---- C:\Program Files (x86)\Windows Mail
2020-07-30 14:52:50 ----D---- C:\Program Files\Windows Mail
2020-07-30 14:52:50 ----D---- C:\Program Files\Realtek
2020-07-30 14:52:50 ----D---- C:\Program Files\Microsoft Games
2020-07-30 14:52:50 ----D---- C:\Program Files\ASUS
2020-07-30 14:50:41 ----SD---- C:\WINDOWS\system32\UNP
2020-07-30 14:50:41 ----SD---- C:\WINDOWS\system32\DiagSvcs
2020-07-30 14:50:41 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-07-30 14:50:41 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2020-07-30 14:50:41 ----D---- C:\WINDOWS\SYSWOW64\wbem
2020-07-30 14:50:41 ----D---- C:\WINDOWS\SYSWOW64\oobe
2020-07-30 14:50:41 ----D---- C:\WINDOWS\SYSWOW64\Dism
2020-07-30 14:50:41 ----D---- C:\WINDOWS\SYSWOW64\Com
2020-07-30 14:50:41 ----D---- C:\WINDOWS\SYSWOW64\AdvancedInstallers
2020-07-30 14:50:41 ----D---- C:\WINDOWS\SystemResources
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\WinMetadata
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\ShellExperiences
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\PerceptionSimulation
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\migwiz
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\ja-jp
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\inetsrv
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\fr-FR
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\fr-CA
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\Dism
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\de-DE
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\Com
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\Boot
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\appraiser
2020-07-30 14:50:41 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2020-07-30 14:50:41 ----D---- C:\WINDOWS\ShellComponents
2020-07-30 14:50:41 ----D---- C:\WINDOWS\servicing
2020-07-30 14:50:41 ----D---- C:\WINDOWS\DiagTrack
2020-07-30 14:50:41 ----D---- C:\WINDOWS\bcastdvr
2020-07-30 14:50:41 ----D---- C:\WINDOWS\apppatch
2020-07-30 14:50:41 ----D---- C:\Program Files\Windows Photo Viewer
2020-07-30 14:50:41 ----D---- C:\Program Files\Windows Media Player
2020-07-30 14:50:41 ----D---- C:\Program Files\Common Files\System
2020-07-30 14:50:41 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2020-07-30 14:50:41 ----D---- C:\Program Files (x86)\Windows Media Player
2020-07-30 14:45:03 ----D---- C:\WINDOWS\OCR
2020-07-30 14:44:02 ----D---- C:\WINDOWS\en-US
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2020-07-30 14:43:38 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\zh-TW
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\zh-CN
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\uk-UA
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\tr-TR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\th-TH
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\sv-SE
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\sl-SI
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\sk-SK
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\ru-RU
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\ro-RO
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\pt-PT
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\pt-BR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\pl-PL
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\nl-NL
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\nb-NO
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\lv-LV
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\lt-LT
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\ko-KR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\it-IT
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\hu-HU
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\hr-HR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\he-IL
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\fi-FI
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\et-EE
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\es-MX
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\es-ES
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\en-GB
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\el-GR
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\da-DK
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\bg-BG
2020-07-30 14:43:38 ----D---- C:\WINDOWS\system32\ar-SA
2020-07-30 14:43:19 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2020-07-30 14:43:19 ----D---- C:\WINDOWS\SYSWOW64\winrm
2020-07-30 14:43:19 ----D---- C:\WINDOWS\SYSWOW64\WCN
2020-07-30 14:43:19 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2020-07-30 14:43:19 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2020-07-30 14:43:19 ----D---- C:\WINDOWS\SYSWOW64\en
2020-07-30 14:43:19 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-US
2020-07-30 14:43:19 ----D---- C:\WINDOWS\system32\winrm
2020-07-30 14:43:19 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2020-07-30 14:43:19 ----D---- C:\WINDOWS\system32\WCN
2020-07-30 14:43:19 ----D---- C:\WINDOWS\system32\slmgr
2020-07-30 14:43:19 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2020-07-30 14:43:18 ----D---- C:\WINDOWS\system32\en
2020-07-30 14:43:18 ----D---- C:\WINDOWS\system32\drivers\en-US
2020-07-30 14:43:18 ----D---- C:\Program Files\Windows Defender
2020-07-30 14:43:18 ----D---- C:\Program Files (x86)\Windows Defender
2020-07-30 14:39:45 ----D---- C:\WINDOWS\SYSWOW64\MUI
2020-07-30 14:39:45 ----D---- C:\WINDOWS\system32\MUI
2020-07-30 14:24:02 ----SD---- C:\ProgramData\Microsoft
2020-07-30 14:18:48 ----RD---- C:\WINDOWS\PrintDialog
2020-07-30 14:04:53 ----D---- C:\ProgramData\USOPrivate
2020-07-30 14:04:09 ----D---- C:\WINDOWS\SoftwareDistribution
2020-07-30 14:04:06 ----D---- C:\WINDOWS\system32\oobe
2020-07-30 14:04:03 ----D---- C:\WINDOWS\Registration
2020-07-30 14:04:01 ----D---- C:\Program Files\Windows NT
2020-07-30 14:03:50 ----D---- C:\WINDOWS\Tasks
2020-07-30 14:00:37 ----D---- C:\WINDOWS\system32\wbem
2020-07-30 14:00:25 ----RSD---- C:\WINDOWS\Media
2020-07-30 13:56:46 ----RD---- C:\Users
2020-07-30 13:56:31 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2020-07-30 13:55:55 ----D---- C:\WINDOWS\system32\DAX2
2020-07-30 13:55:52 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2020-07-30 13:55:44 ----D---- C:\WINDOWS\system32\drivers\UMDF
2020-07-30 13:55:26 ----D---- C:\WINDOWS\system32\Recovery
2020-07-30 13:55:15 ----D---- C:\WINDOWS\debug
2020-07-29 20:42:55 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-24 16:24:54 ----D---- C:\Users\kouba\AppData\Roaming\FAHClient
2020-07-18 07:35:52 ----D---- C:\Users\kouba\AppData\Roaming\Skype
2020-07-17 22:08:48 ----D---- C:\ProgramData\Origin
2020-07-17 22:08:45 ----D---- C:\Users\kouba\AppData\Roaming\Origin
2020-07-17 22:06:44 ----AD---- C:\Program Files (x86)\Origin
2020-07-12 10:29:29 ----D---- C:\Users\kouba\AppData\Roaming\Urban Voyeur - Gold Version

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2020-07-08 106640]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-12-07 41984]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2014-01-28 15232]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2019-12-07 91136]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2020-07-08 159528]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2020-07-08 195456]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2020-07-08 79536]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2020-07-08 116488]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-07-30 143160]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-07-30 491520]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2020-07-08 53064]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-12-07 53248]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-12-07 184320]
R3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\System32\drivers\e1i65x64.sys [2019-12-07 553984]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-08-12 4504320]
R3 MEIx64;@oem62.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2019-12-07 322600]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-07-08 222112]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\nvlddmkm.sys [2020-07-07 24682384]
R3 NvModuleTracker;@oem28.inf,%ServiceName%;NvModuleTracker; C:\WINDOWS\System32\drivers\NvModuleTracker.sys [2020-03-04 50592]
R3 nvvad_WaveExtensible;@oem16.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2020-03-06 69840]
R3 nvvhci;@oem37.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2019-06-05 15800]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-12-07 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-12-07 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-12-07 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-12-07 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-12-07 1548288]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-12-07 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-07-30 95032]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-12-07 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-12-07 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys [2014-01-08 34568]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-12-07 206336]
S3 PcaSp60;@oem65.inf,%PCASP60_Desc%;Rawether NDIS 6.X SPR Protocol Driver; C:\WINDOWS\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-12-07 104456]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [2018-01-05 382424]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [2017-12-05 1340376]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R2 CDPUserSvc_4edc2;CDPUserSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2020-07-31 2371760]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-12-07 26112]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-05-07 874472]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edab19158bdd0d0a\Display.NvContainer\NVDisplay.Container.exe [2020-07-07 883096]
R2 OneSyncSvc_4edc2;OneSyncSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R3 AarSvc_4edc2;AarSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R3 cbdhsvc_4edc2;cbdhsvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
R3 PimIndexMaintenanceSvc_4edc2;PimIndexMaintenanceSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-07-14 335416]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-05 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-08 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139256]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139256]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-12-07 139256]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-12-07 55664]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 BcastDVRUserService_4edc2;BcastDVRUserService_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 BluetoothUserService_4edc2;BluetoothUserService_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 CaptureService_4edc2;CaptureService_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 ConsentUxUserSvc_4edc2;ConsentUxUserSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-07-30 380632]
S3 CredentialEnrollmentManagerUserSvc_4edc2;CredentialEnrollmentManagerUserSvc_4edc2; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-07-30 380632]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 DeviceAssociationBrokerSvc_4edc2;DeviceAssociationBrokerSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 DevicePickerUserSvc_4edc2;DevicePickerUserSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 DevicesFlowUserSvc_4edc2;DevicesFlowUserSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-07-30 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-05 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 GalaxyClientService;GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [2020-07-31 1677384]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2020-02-29 6821960]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.105\elevation_service.exe [2020-07-24 1309680]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-08 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 MessagingService_4edc2;MessagingService_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.52\elevation_service.exe [2020-08-01 1579920]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-07-29 244432]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2020-07-17 3460912]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2020-07-30 105984]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 PrintWorkflowUserSvc_4edc2;PrintWorkflowUserSvc_4edc2; C:\WINDOWS\system32\svchost.exe [2019-12-07 57368]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-12-07 57368]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2020-03-11 1314448]
S4 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
S4 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
S4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S4 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2014-02-05 259848]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
S4 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2020-07-17 2509616]
S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-11-15 76152]

-----------------EOF-----------------

[Conder]

Ahoj

Logy z RSIT su v pripade Windows 10 nepouzitelne. Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

[kubi04]

Sorry, my bad,
nějak jsem přehlédl to "není dostačující" pro 10tky.
logy v příloze, díky

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Windows\SysWOW64\ASGT.exe
  ExportKey: HKLM\System\CurrentControlSet\Services\LMS
  ExportKey: HKLM\System\CurrentControlSet\Services\Stereo Service
  
  Task: {01697F1B-5064-452A-8D82-66319FBED408} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
  Task: {01858722-2094-4FBD-B276-CEE795DD70B7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {1A67389A-CB80-4A86-B1F4-D3D72C4209A5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {1D005D56-FA4F-4F3D-ACE7-F7E52AC0DA21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  Task: {1EAA3180-389F-457B-B250-C75A429C90D8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {20FBAF86-FC8E-4B56-B1AC-D146CE2AA492} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {23D9B5B6-F6E7-43E2-A2A2-312E75463EDE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
  Task: {2893C46B-CAAD-4C92-8F8F-9024AEEC44F0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
  Task: {2AE4281F-CA9F-496C-8B7E-C65E7FCFD832} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
  Task: {3DC2BD6E-9873-4126-8AA1-9E50427BCB8A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {44AE1378-898E-4244-9E18-335D6492672C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
  Task: {4A5125F7-B4B1-44BB-8CEA-B1FAB2BB2526} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
  Task: {4ABBD818-DC76-47C4-8F65-05C3115D2543} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {642970EB-DC8E-40F9-87F5-FFE58869D208} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {7A462450-9651-41D7-BC74-87AEF4BEAFA5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
  Task: {7C1F0E17-8E9C-44A6-96E6-8320238B8D95} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
  Task: {87F11997-EF8F-4DA9-8D22-30173A439717} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
  Task: {8E5D62B1-A17E-4A6D-9CD9-97B00B5D6947} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
  Task: {A72C8A21-ECAF-4526-8B83-850C37F08BAF} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {AC956807-7AFF-402C-A8F4-80AACF422D48} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {BDDB787F-DF85-4205-9801-03002A10B269} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {C71F10EC-4E79-4791-B3DC-0613AD9D8A64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
  Task: {C7299DA5-26F1-40D7-B9D9-D967A1EEBAA7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {CA155BAE-1469-44CA-92F9-28CA4057C57C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {D2232254-C72E-4816-9C40-0F70BDAADB07} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
  Task: {D53566DE-F77E-40C1-8C16-9532EEFBDB90} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {D8EB797A-8867-40E7-B4BF-E1F501105E32} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
  Task: {D9B0FC30-18CB-4BBD-9417-385561324EDC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {DDCDBD08-5A38-4DC9-A845-5E949A05DACF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {E3501A52-961B-45F7-9451-540975384D59} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {E5C74E69-7229-4B4E-9A63-3C63E01ADE83} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {EA8B2B4B-71E1-4499-85BE-D46FFB0F5317} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {EC87E606-FBDB-40E4-B103-A2E595CB5F99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
  Task: {F44D7B65-FB29-4C64-8289-0CFF314C2582} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
  Task: {F54BE5C9-39AE-42B8-BB30-3A989886A923} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
  U3 idsvc; no ImagePath
  2020-08-06 13:48 - 2020-08-06 13:48 - 000000000 ____D C:\rsit
  2020-08-06 13:41 - 2020-08-06 13:41 - 001222144 _____ C:\Users\kouba\Desktop\RSITx64(1).exe
  2020-08-06 13:48 - 2015-02-18 11:38 - 000000000 ____D C:\Program Files\trend micro
  ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
  ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
  ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
  ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
  ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
  ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
  ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
  ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
  ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
  ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> [CC]{4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
  ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
  ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
  ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
  ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
  ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
  ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
  HKU\S-1-5-21-1384008443-1613463805-864836974-1000\...\StartupApproved\Run: => "Uninstall C:\Users\kouba\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[kubi04]

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-08-2020
Ran by kouba (10-08-2020 10:24:57) Run:1
Running from C:\Users\kouba\Desktop
Loaded Profiles: kouba
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\SysWOW64\ASGT.exe
ExportKey: HKLM\System\CurrentControlSet\Services\LMS
ExportKey: HKLM\System\CurrentControlSet\Services\Stereo Service

Task: {01697F1B-5064-452A-8D82-66319FBED408} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {01858722-2094-4FBD-B276-CEE795DD70B7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1A67389A-CB80-4A86-B1F4-D3D72C4209A5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D005D56-FA4F-4F3D-ACE7-F7E52AC0DA21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1EAA3180-389F-457B-B250-C75A429C90D8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {20FBAF86-FC8E-4B56-B1AC-D146CE2AA492} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {23D9B5B6-F6E7-43E2-A2A2-312E75463EDE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2893C46B-CAAD-4C92-8F8F-9024AEEC44F0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2AE4281F-CA9F-496C-8B7E-C65E7FCFD832} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3DC2BD6E-9873-4126-8AA1-9E50427BCB8A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44AE1378-898E-4244-9E18-335D6492672C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4A5125F7-B4B1-44BB-8CEA-B1FAB2BB2526} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4ABBD818-DC76-47C4-8F65-05C3115D2543} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {642970EB-DC8E-40F9-87F5-FFE58869D208} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A462450-9651-41D7-BC74-87AEF4BEAFA5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {7C1F0E17-8E9C-44A6-96E6-8320238B8D95} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {87F11997-EF8F-4DA9-8D22-30173A439717} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8E5D62B1-A17E-4A6D-9CD9-97B00B5D6947} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A72C8A21-ECAF-4526-8B83-850C37F08BAF} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AC956807-7AFF-402C-A8F4-80AACF422D48} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDDB787F-DF85-4205-9801-03002A10B269} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C71F10EC-4E79-4791-B3DC-0613AD9D8A64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C7299DA5-26F1-40D7-B9D9-D967A1EEBAA7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CA155BAE-1469-44CA-92F9-28CA4057C57C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2232254-C72E-4816-9C40-0F70BDAADB07} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D53566DE-F77E-40C1-8C16-9532EEFBDB90} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8EB797A-8867-40E7-B4BF-E1F501105E32} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D9B0FC30-18CB-4BBD-9417-385561324EDC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DDCDBD08-5A38-4DC9-A845-5E949A05DACF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E3501A52-961B-45F7-9451-540975384D59} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E5C74E69-7229-4B4E-9A63-3C63E01ADE83} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EA8B2B4B-71E1-4499-85BE-D46FFB0F5317} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EC87E606-FBDB-40E4-B103-A2E595CB5F99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F44D7B65-FB29-4C64-8289-0CFF314C2582} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F54BE5C9-39AE-42B8-BB30-3A989886A923} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
U3 idsvc; no ImagePath
2020-08-06 13:48 - 2020-08-06 13:48 - 000000000 ____D C:\rsit
2020-08-06 13:41 - 2020-08-06 13:41 - 001222144 _____ C:\Users\kouba\Desktop\RSITx64(1).exe
2020-08-06 13:48 - 2015-02-18 11:38 - 000000000 ____D C:\Program Files\trend micro
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> [CC]{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKU\S-1-5-21-1384008443-1613463805-864836974-1000\...\StartupApproved\Run: => "Uninstall C:\Users\kouba\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 74
Average :
Sum : 27500006
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Windows\SysWOW64\ASGT.exe ========================

C:\Windows\SysWOW64\ASGT.exe
File not signed
MD5: E536856E96A7605EBF580D62A868E5FE
Creation and modification date: 2012-01-17 12:24 - 2012-01-17 12:24
Size: 000055296
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/70d ... 1596281077

====== End of File: ======

================== ExportKey: ===================

[HKLM\System\CurrentControlSet\Services\LMS]
"DisplayName"="Intel(R) Management and Security Application Local Management Service"
"WOW64"="1"
"Description"="Intel(R) Management and Security Application Local Management Service - Provides OS-related Intel(R) ME functionality."
"DelayedAutostart"="1"
"Type"="16"
"Start"="4"
"ErrorControl"="1"
"ImagePath"=""C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe""
"DependOnService"="RPCSS"
"ObjectName"="LocalSystem"

=== End of ExportKey ===
================== ExportKey: ===================

"HKLM\System\CurrentControlSet\Services\Stereo Service" => not found

=== End of ExportKey ===
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01697F1B-5064-452A-8D82-66319FBED408}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01697F1B-5064-452A-8D82-66319FBED408}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01858722-2094-4FBD-B276-CEE795DD70B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01858722-2094-4FBD-B276-CEE795DD70B7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A67389A-CB80-4A86-B1F4-D3D72C4209A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A67389A-CB80-4A86-B1F4-D3D72C4209A5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D005D56-FA4F-4F3D-ACE7-F7E52AC0DA21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D005D56-FA4F-4F3D-ACE7-F7E52AC0DA21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EAA3180-389F-457B-B250-C75A429C90D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EAA3180-389F-457B-B250-C75A429C90D8}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20FBAF86-FC8E-4B56-B1AC-D146CE2AA492}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20FBAF86-FC8E-4B56-B1AC-D146CE2AA492}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23D9B5B6-F6E7-43E2-A2A2-312E75463EDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23D9B5B6-F6E7-43E2-A2A2-312E75463EDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2893C46B-CAAD-4C92-8F8F-9024AEEC44F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2893C46B-CAAD-4C92-8F8F-9024AEEC44F0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AE4281F-CA9F-496C-8B7E-C65E7FCFD832}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AE4281F-CA9F-496C-8B7E-C65E7FCFD832}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DC2BD6E-9873-4126-8AA1-9E50427BCB8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DC2BD6E-9873-4126-8AA1-9E50427BCB8A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44AE1378-898E-4244-9E18-335D6492672C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44AE1378-898E-4244-9E18-335D6492672C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A5125F7-B4B1-44BB-8CEA-B1FAB2BB2526}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A5125F7-B4B1-44BB-8CEA-B1FAB2BB2526}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4ABBD818-DC76-47C4-8F65-05C3115D2543}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ABBD818-DC76-47C4-8F65-05C3115D2543}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{642970EB-DC8E-40F9-87F5-FFE58869D208}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{642970EB-DC8E-40F9-87F5-FFE58869D208}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A462450-9651-41D7-BC74-87AEF4BEAFA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A462450-9651-41D7-BC74-87AEF4BEAFA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C1F0E17-8E9C-44A6-96E6-8320238B8D95}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C1F0E17-8E9C-44A6-96E6-8320238B8D95}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{87F11997-EF8F-4DA9-8D22-30173A439717}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87F11997-EF8F-4DA9-8D22-30173A439717}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E5D62B1-A17E-4A6D-9CD9-97B00B5D6947}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E5D62B1-A17E-4A6D-9CD9-97B00B5D6947}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A72C8A21-ECAF-4526-8B83-850C37F08BAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A72C8A21-ECAF-4526-8B83-850C37F08BAF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC956807-7AFF-402C-A8F4-80AACF422D48}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC956807-7AFF-402C-A8F4-80AACF422D48}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BDDB787F-DF85-4205-9801-03002A10B269}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDDB787F-DF85-4205-9801-03002A10B269}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C71F10EC-4E79-4791-B3DC-0613AD9D8A64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C71F10EC-4E79-4791-B3DC-0613AD9D8A64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7299DA5-26F1-40D7-B9D9-D967A1EEBAA7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7299DA5-26F1-40D7-B9D9-D967A1EEBAA7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA155BAE-1469-44CA-92F9-28CA4057C57C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA155BAE-1469-44CA-92F9-28CA4057C57C}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2232254-C72E-4816-9C40-0F70BDAADB07}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2232254-C72E-4816-9C40-0F70BDAADB07}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D53566DE-F77E-40C1-8C16-9532EEFBDB90}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D53566DE-F77E-40C1-8C16-9532EEFBDB90}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D8EB797A-8867-40E7-B4BF-E1F501105E32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8EB797A-8867-40E7-B4BF-E1F501105E32}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9B0FC30-18CB-4BBD-9417-385561324EDC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9B0FC30-18CB-4BBD-9417-385561324EDC}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDCDBD08-5A38-4DC9-A845-5E949A05DACF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDCDBD08-5A38-4DC9-A845-5E949A05DACF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3501A52-961B-45F7-9451-540975384D59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3501A52-961B-45F7-9451-540975384D59}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5C74E69-7229-4B4E-9A63-3C63E01ADE83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5C74E69-7229-4B4E-9A63-3C63E01ADE83}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA8B2B4B-71E1-4499-85BE-D46FFB0F5317}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA8B2B4B-71E1-4499-85BE-D46FFB0F5317}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC87E606-FBDB-40E4-B103-A2E595CB5F99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC87E606-FBDB-40E4-B103-A2E595CB5F99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F44D7B65-FB29-4C64-8289-0CFF314C2582}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F44D7B65-FB29-4C64-8289-0CFF314C2582}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F54BE5C9-39AE-42B8-BB30-3A989886A923}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F54BE5C9-39AE-42B8-BB30-3A989886A923}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\rsit => moved successfully
"C:\Users\kouba\Desktop\RSITx64(1).exe" => not found
C:\Program Files\trend micro => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKU\S-1-5-21-1384008443-1613463805-864836974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Uninstall C:\Users\kouba\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" => removed successfully
"HKU\S-1-5-21-1384008443-1613463805-864836974-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Uninstall C:\Users\kouba\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 81497186 B
Java, Flash, Steam htmlcache => 372842938 B
Windows/system/drivers => 47408 B
Edge => 66425 B
Chrome => 30330625 B
Firefox => 1227531254 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 39202 B
Users => 39202 B
ProgramData => 39202 B
Public => 39202 B
systemprofile => 39202 B
systemprofile32 => 39202 B
LocalService => 125160 B
NetworkService => 125160 B
kouba => 71155853 B
DefaultAppPool => 71195055 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:26:23 ====

[Conder]

Spusti kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  DISM.exe /Online /Cleanup-image /Restorehealth

• Po dokonceni skopiruj a spusti druhy prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

• Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC a napis ako sa chova PC

[kubi04]

Zatím dobré,
budu sledovat jak se to bude chovat.
(co jsem tak hledal různě ,na redditu- tam měli podobné problémy a to po té dubnové aktual. w10, nesmyslné zatížení GK procesem csrss.exe-Client Server Runtime Process, tak snad to mrkvosoft pošteluje)

[Conder]

Logy vyzeraju OK co sa tyka malware. Inak ano, mozu sa vyskytnut aj take pripady, ake popisujes, proces csrss.exe je systemova sucast Windowsu.