Strasne pomaly pocitac

[george.clunkers]

Zdravim, posledni dobou je pocitac strasne pomaly. Disk ma skoro porad zatez 100%. Pocitac je nutne spustit 2x. Pri prvnim startu se OS zasekne pri nabihani, az po restartu OS nabehne.

Predem dekuji za pomoc.

Prikladam log:

Logfile of random's system information tool 1.16 (written by random/random)
Run by sabina at 2017-06-03 16:23:39
Microsoft Windows 10 Home
System drive C: has 22 GB (14%) free of 153 GB
Total RAM: 3839 MB (50% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:24:00, on 3.6.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Users\sabina\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\sabina\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
C:\Program Files\trend micro\sabina_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\sabina\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem8.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8024 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\viakaraokesrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\dashost.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Windows\PixArt\Pac207\Monitor.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Users\sabina\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Program Files\Windows Defender\MpCmdRun.exe
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\sabina\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=58.0.3029.110 --initial-client-data=0x1a0,0x1a4,0x1a8,0x19c,0x1ac,0x7fff133c2968,0x7fff133c2980,0x7fff133c2990
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1208 --on-initialized-event-handle=560 --parent-handle=564 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1392 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,20,23,26,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x9710 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.9001 --gpu-driver-date=1-13-2015 --service-request-channel-token=D3233A854BF77FE82793DB91BF55FA6E --mojo-platform-channel-handle=1404 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1392 --primordial-pipe-token=15766095EEE04A1E177B3D0CF2490A8A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=15766095EEE04A1E177B3D0CF2490A8A --renderer-client-id=6 --mojo-platform-channel-handle=2508 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1392 --primordial-pipe-token=8C4BA04014B5DAC47EE6B0C7C768F87A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=8C4BA04014B5DAC47EE6B0C7C768F87A --renderer-client-id=8 --mojo-platform-channel-handle=5536 /prefetch:1
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"C:\WINDOWS\system32\wuauclt.exe" /RunHandlerComServer
C:\WINDOWS\system32\MpSigStub.exe /stub 1.1.13850.0 /payload 1.1.13804.0 /MpWUStub /program C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Engine_Patch_1.1.13704.0.exe
"C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta.exe" WD /q
C:\WINDOWS\system32\AUDIODG.EXE 0x304
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1392 --primordial-pipe-token=93B3E393C19C457155B200795195EDC7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=93B3E393C19C457155B200795195EDC7 --renderer-client-id=15 --mojo-platform-channel-handle=5932 /prefetch:1
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8107.7600.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
C:\WINDOWS\system32\compattelrunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ZwcSBO1N7kOvpr/K.1
C:\Users\sabina\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1392 --primordial-pipe-token=75F4795D3EDFFE244C2F9C3D6D80F580 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=75F4795D3EDFFE244C2F9C3D6D80F580 --renderer-client-id=16 --mojo-platform-channel-handle=4844 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe" -background
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 640 644 652 8192 648
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe"
"C:\Program Files\Internet Explorer\IELowutil.exe" -PID:123
C:\WINDOWS\system32\BackgroundTransferHost.exe
"C:\log\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\sabina\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{0FBAC410-C0CD-42CB-B32C-5E33149EF656} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-1620619216-4200928751-919724808-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask - %SystemRoot%\System32\GWX\GWXUXWorker.exe /UpgradeNow
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan - C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task

=========Google Chrome=========

C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.5
Homepage:
default_search_provider.search_url:
C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-04-28 631808]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-01-19 176440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\sabina\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-04-26 1518808]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-06-03 16:23:40 ----D---- C:\Program Files\trend micro
2017-06-03 16:23:39 ----D---- C:\rsit
2017-06-03 16:22:20 ----D---- C:\log
2017-05-11 20:13:56 ----SHD---- C:\Config.Msi
2017-05-11 19:59:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 19:59:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-05-11 19:59:55 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-05-11 19:59:54 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2017-05-11 19:59:54 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-05-11 19:59:53 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-05-11 19:59:52 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-05-11 19:59:52 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2017-05-11 19:59:51 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2017-05-11 19:59:51 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-05-11 19:59:51 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2017-05-11 19:59:50 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-05-11 19:59:50 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-05-11 19:59:50 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-05-11 19:59:49 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2017-05-11 19:59:49 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-05-11 19:59:49 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-05-11 19:59:49 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-05-11 19:59:49 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-05-11 19:59:48 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-05-11 19:59:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-05-11 19:59:48 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-05-11 19:59:48 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-05-11 19:59:48 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-05-11 19:59:47 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-05-11 19:59:47 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-05-11 19:59:47 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2017-05-11 19:59:47 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2017-05-11 19:59:47 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2017-05-11 19:59:46 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-05-11 19:59:46 ----A---- C:\WINDOWS\SYSWOW64\wsp_sr.dll
2017-05-11 19:59:46 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-05-11 19:59:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-05-11 19:59:46 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-05-11 19:59:45 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-05-11 19:59:45 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2017-05-11 19:59:45 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-05-11 19:59:45 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-05-11 19:59:45 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2017-05-11 19:59:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2017-05-11 19:59:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-05-11 19:59:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2017-05-11 19:59:44 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2017-05-11 19:59:44 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-05-11 19:59:44 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2017-05-11 19:59:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2017-05-11 19:59:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2017-05-11 19:59:43 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-05-11 19:59:43 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-05-11 19:59:43 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-05-11 19:59:43 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2017-05-11 19:59:42 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2017-05-11 19:59:42 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2017-05-11 19:59:42 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2017-05-11 19:59:42 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-05-11 19:59:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2017-05-11 19:59:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-05-11 19:59:41 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2017-05-11 19:59:41 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2017-05-11 19:59:40 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-05-11 19:59:39 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2017-05-11 19:59:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2017-05-11 19:59:39 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-05-11 19:59:39 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-05-11 19:59:39 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2017-05-11 19:59:39 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-05-11 19:59:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2017-05-11 19:59:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-05-11 19:59:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2017-05-11 19:59:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SerialCommunication.dll
2017-05-11 19:59:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2017-05-11 19:59:38 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-05-11 19:59:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-05-11 19:59:37 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2017-05-11 19:59:37 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-05-11 19:59:37 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2017-05-11 19:59:37 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2017-05-11 19:59:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2017-05-11 19:59:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2017-05-11 19:59:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll
2017-05-11 19:59:36 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-05-11 19:59:36 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2017-05-11 19:59:36 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2017-05-11 19:59:35 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2017-05-11 19:59:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-05-11 19:59:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2017-05-11 19:59:35 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-05-11 19:59:35 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-05-11 19:59:35 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2017-05-11 19:59:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2017-05-11 19:59:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll
2017-05-11 19:59:34 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-05-11 19:59:34 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll
2017-05-11 19:59:34 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-05-11 19:59:34 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-05-11 19:59:34 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-05-11 19:59:34 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2017-05-11 19:59:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2017-05-11 19:59:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-05-11 19:59:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2017-05-11 19:59:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2017-05-11 19:59:33 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2017-05-11 19:59:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 19:59:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll
2017-05-11 19:59:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2017-05-11 19:59:32 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2017-05-11 19:59:32 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2017-05-11 19:59:32 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2017-05-11 19:59:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2017-05-11 19:59:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll
2017-05-11 19:59:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-11 19:59:31 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2017-05-11 19:59:31 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2017-05-11 19:59:31 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2017-05-11 19:59:31 ----A---- C:\WINDOWS\SYSWOW64\adsnt.dll
2017-05-11 19:59:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-05-11 19:59:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-05-11 19:59:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 19:59:30 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-05-11 19:59:30 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2017-05-11 19:59:30 ----A---- C:\WINDOWS\SYSWOW64\dialclient.dll
2017-05-11 19:59:29 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2017-05-11 19:59:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2017-05-11 19:59:29 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2017-05-11 19:59:29 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-05-11 19:59:29 ----A---- C:\WINDOWS\SYSWOW64\CryptoWinRT.dll
2017-05-11 19:59:28 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2017-05-11 19:59:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Ocr.dll
2017-05-11 19:59:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2017-05-11 19:59:28 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-05-11 19:59:28 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2017-05-11 19:59:28 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2017-05-11 19:59:28 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\WinRtTracing.dll
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2017-05-11 19:59:27 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2017-05-11 19:59:26 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2017-05-11 19:59:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.UserDeviceAssociation.dll
2017-05-11 19:59:26 ----A---- C:\WINDOWS\SYSWOW64\setupugc.exe
2017-05-11 19:59:26 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2017-05-11 19:59:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-05-11 19:59:25 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2017-05-11 19:59:25 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2017-05-11 19:59:25 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2017-05-11 19:59:25 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-05-11 19:59:25 ----A---- C:\WINDOWS\SYSWOW64\DeviceFlows.DataModel.dll
2017-05-11 19:59:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-11 19:59:24 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2017-05-11 19:59:24 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2017-05-11 19:59:24 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2017-05-11 19:59:24 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2017-05-11 19:59:23 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-05-11 19:59:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-11 19:59:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-05-11 19:59:23 ----A---- C:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-05-11 19:59:23 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2017-05-11 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2017-05-11 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2017-05-11 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2017-05-11 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-05-11 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-05-11 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\RADCUI.dll
2017-05-11 19:59:22 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2017-05-11 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-05-11 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.SystemManagement.dll
2017-05-11 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2017-05-11 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\PrintDialogs.dll
2017-05-11 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\ipsmsnap.dll
2017-05-11 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\ipsecsnp.dll
2017-05-11 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2017-05-11 19:59:21 ----A---- C:\WINDOWS\SYSWOW64\apds.dll
2017-05-11 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2017-05-11 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-11 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll
2017-05-11 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2017-05-11 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2017-05-11 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-05-11 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\imapi2.dll
2017-05-11 19:59:20 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Energy.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\vaultcli.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\sbe.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2017-05-11 19:59:19 ----A---- C:\WINDOWS\system32\drivers\BasicDisplay.sys
2017-05-11 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\XblAuthTokenBrokerExt.dll
2017-05-11 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\XblAuthManagerProxy.dll
2017-05-11 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-05-11 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2017-05-11 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-05-11 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2017-05-11 19:59:18 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-05-11 19:59:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.HostName.dll
2017-05-11 19:59:17 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2017-05-11 19:59:17 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2017-05-11 19:59:17 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2017-05-11 19:59:17 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-05-11 19:59:17 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-05-11 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-05-11 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2017-05-11 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-05-11 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-05-11 19:59:16 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.FaceAnalysis.dll
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\CameraCaptureUI.dll
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\BthTelemetry.dll
2017-05-11 19:59:15 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2017-05-11 19:59:14 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2017-05-11 19:59:14 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-05-11 19:59:10 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-05-11 19:59:08 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-05-11 19:59:08 ----A---- C:\WINDOWS\system32\usocore.dll
2017-05-11 19:59:08 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-05-11 19:59:07 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-11 19:59:07 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-05-11 19:59:06 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-05-11 19:59:06 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-05-11 19:59:04 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-05-11 19:59:02 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-11 19:58:59 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-05-11 19:58:56 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2017-05-11 19:58:56 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-11 19:58:55 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-11 19:58:54 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-05-11 19:58:54 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-11 19:58:54 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2017-05-11 19:58:53 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2017-05-11 19:58:53 ----A---- C:\WINDOWS\system32\WinRtTracing.dll
2017-05-11 19:58:53 ----A---- C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-11 19:58:53 ----A---- C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-11 19:58:53 ----A---- C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 19:58:53 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-11 19:58:52 ----A---- C:\WINDOWS\system32\WwaApi.dll
2017-05-11 19:58:52 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-05-11 19:58:52 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-11 19:58:52 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-05-11 19:58:51 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 19:58:49 ----A---- C:\WINDOWS\system32\shell32.dll
2017-05-11 19:58:48 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-05-11 19:58:47 ----A---- C:\WINDOWS\system32\mos.dll
2017-05-11 19:58:46 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2017-05-11 19:58:46 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-11 19:58:45 ----A---- C:\WINDOWS\system32\wmp.dll
2017-05-11 19:58:44 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-05-11 19:58:44 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-05-11 19:58:43 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-05-11 19:58:43 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-11 19:58:43 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-11 19:58:43 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-05-11 19:58:42 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-11 19:58:42 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-05-11 19:58:42 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-05-11 19:58:41 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-05-11 19:58:41 ----A---- C:\WINDOWS\system32\wpncore.dll
2017-05-11 19:58:41 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-05-11 19:58:41 ----A---- C:\WINDOWS\system32\services.exe
2017-05-11 19:58:40 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-05-11 19:58:40 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-05-11 19:58:40 ----A---- C:\WINDOWS\system32\mf.dll
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\usercpl.dll
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\mprddm.dll
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\LsaIso.exe
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-05-11 19:58:39 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-05-11 19:58:38 ----A---- C:\WINDOWS\system32\SpaceControl.dll
2017-05-11 19:58:38 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-05-11 19:58:38 ----A---- C:\WINDOWS\system32\rdpcore.dll
2017-05-11 19:58:38 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-11 19:58:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2017-05-11 19:58:38 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-05-11 19:58:37 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-05-11 19:58:37 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-11 19:58:37 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-11 19:58:37 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2017-05-11 19:58:37 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-05-11 19:58:37 ----A---- C:\WINDOWS\system32\localspl.dll
2017-05-11 19:58:37 ----A---- C:\WINDOWS\system32\EmailApis.dll
2017-05-11 19:58:37 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2017-05-11 19:58:36 ----A---- C:\WINDOWS\system32\wiaservc.dll
2017-05-11 19:58:36 ----A---- C:\WINDOWS\system32\tsmf.dll
2017-05-11 19:58:36 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-11 19:58:36 ----A---- C:\WINDOWS\system32\mfps.dll
2017-05-11 19:58:36 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-05-11 19:58:35 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-11 19:58:35 ----A---- C:\WINDOWS\system32\msi.dll
2017-05-11 19:58:35 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2017-05-11 19:58:34 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-05-11 19:58:34 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-11 19:58:34 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-05-11 19:58:34 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-05-11 19:58:34 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-11 19:58:33 ----A---- C:\WINDOWS\system32\wscapi.dll
2017-05-11 19:58:33 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-11 19:58:33 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-05-11 19:58:33 ----A---- C:\WINDOWS\system32\mbsmsapi.dll
2017-05-11 19:58:33 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-05-11 19:58:32 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-11 19:58:32 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-11 19:58:31 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-11 19:58:31 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-05-11 19:58:31 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2017-05-11 19:58:31 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2017-05-11 19:58:30 ----A---- C:\WINDOWS\system32\wpnapps.dll
2017-05-11 19:58:30 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 19:58:17 ----A---- C:\WINDOWS\system32\PrintDialogs.dll
2017-05-11 19:58:13 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-11 19:58:13 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2017-05-11 19:58:13 ----A---- C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-11 19:58:13 ----A---- C:\WINDOWS\system32\fvewiz.dll
2017-05-11 19:58:13 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-11 19:58:12 ----A---- C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-05-11 19:58:12 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-05-11 19:58:12 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-05-11 19:58:12 ----A---- C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-11 19:58:12 ----A---- C:\WINDOWS\system32\fvecpl.dll
2017-05-11 19:58:11 ----A---- C:\WINDOWS\system32\wksprt.exe
2017-05-11 19:58:11 ----A---- C:\WINDOWS\system32\Unistore.dll
2017-05-11 19:58:11 ----A---- C:\WINDOWS\system32\RdpRelayTransport.dll
2017-05-11 19:58:11 ----A---- C:\WINDOWS\system32\rdpclip.exe
2017-05-11 19:58:11 ----A---- C:\WINDOWS\system32\rastlsext.dll
2017-05-11 19:58:11 ----A---- C:\WINDOWS\system32\rastls.dll
2017-05-11 19:58:10 ----A---- C:\WINDOWS\system32\wpninprc.dll
2017-05-11 19:58:10 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-11 19:58:10 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-11 19:58:10 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-05-11 19:58:10 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys
2017-05-11 19:58:10 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-11 19:58:08 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-05-11 19:58:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-05-11 19:58:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-11 19:58:04 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-05-11 19:58:03 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-05-11 19:58:02 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-05-11 19:58:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-05-11 19:58:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-05-11 19:58:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 19:57:59 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-05-11 19:57:58 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-05-11 19:57:58 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-05-11 19:57:57 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-05-11 19:57:57 ----A---- C:\WINDOWS\system32\wininet.dll
2017-05-11 19:57:56 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-05-11 19:57:55 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-05-11 19:57:54 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-11 19:57:54 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-11 19:57:54 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-05-11 19:57:53 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-05-11 19:57:53 ----A---- C:\WINDOWS\system32\ole32.dll
2017-05-11 19:57:53 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-05-11 19:57:53 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-05-11 19:57:53 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-05-11 19:57:52 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-05-11 19:57:52 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-05-11 19:57:52 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-05-11 19:57:52 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-05-11 19:57:51 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-05-11 19:57:51 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-05-11 19:57:51 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 19:57:51 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2017-05-11 19:57:50 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-11 19:57:50 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-05-11 19:57:50 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-05-11 19:57:50 ----A---- C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-11 19:57:50 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-05-11 19:57:49 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-05-11 19:57:49 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-05-11 19:57:49 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-11 19:57:49 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-11 19:57:49 ----A---- C:\WINDOWS\system32\quartz.dll
2017-05-11 19:57:49 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-05-11 19:57:49 ----A---- C:\WINDOWS\HelpPane.exe
2017-05-11 19:57:48 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-05-11 19:57:48 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-05-11 19:57:48 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-11 19:57:48 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-11 19:57:48 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 19:57:48 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-05-11 19:57:47 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-11 19:57:46 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-11 19:57:46 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-11 19:57:45 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-11 19:57:45 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-05-11 19:57:45 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-11 19:57:44 ----A---- C:\WINDOWS\system32\browser_broker.exe
2017-05-11 19:57:43 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-11 19:57:43 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-11 19:57:43 ----A---- C:\WINDOWS\system32\thumbcache.dll
2017-05-11 19:57:43 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2017-05-11 19:57:42 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2017-05-11 19:57:42 ----A---- C:\WINDOWS\system32\msdtctm.dll
2017-05-11 19:57:42 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 19:57:42 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2017-05-11 19:57:41 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2017-05-11 19:57:41 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-11 19:57:41 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-11 19:57:41 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-05-11 19:57:41 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-05-11 19:57:41 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-11 19:57:41 ----A---- C:\WINDOWS\system32\asycfilt.dll
2017-05-11 19:57:40 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-11 19:57:40 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-11 19:57:39 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-05-11 19:57:39 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-11 19:57:39 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-05-11 19:57:38 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-05-11 19:57:38 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-11 19:57:38 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-11 19:57:38 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 19:57:37 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-05-11 19:57:37 ----A---- C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-05-11 19:57:36 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 19:57:36 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-05-11 19:57:36 ----A---- C:\WINDOWS\system32\dafpos.dll
2017-05-11 19:57:34 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-11 19:57:34 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2017-05-11 19:57:34 ----A---- C:\WINDOWS\system32\FontProvider.dll
2017-05-11 19:57:33 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-05-11 19:57:33 ----A---- C:\WINDOWS\system32\credprovhost.dll
2017-05-11 19:57:32 ----A---- C:\WINDOWS\system32\Geolocation.dll
2017-05-11 19:57:31 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-05-11 19:57:30 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-11 19:57:30 ----A---- C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-11 19:57:28 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2017-05-11 19:57:26 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-05-11 19:57:25 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-05-11 19:57:25 ----A---- C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-11 19:57:25 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-05-11 19:57:25 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-05-11 19:57:24 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2017-05-11 19:57:24 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2017-05-11 19:57:23 ----A---- C:\WINDOWS\system32\dialclient.dll
2017-05-11 19:57:22 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-05-11 19:57:21 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-11 19:57:21 ----A---- C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-05-11 19:57:19 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-05-11 19:57:19 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2017-05-11 19:57:18 ----A---- C:\WINDOWS\system32\shutdownux.dll
2017-05-11 19:57:18 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2017-05-11 19:57:18 ----A---- C:\WINDOWS\system32\catsrvps.dll
2017-05-11 19:57:17 ----A---- C:\WINDOWS\system32\Windows.Energy.dll
2017-05-11 19:57:17 ----A---- C:\WINDOWS\system32\DdcWnsListener.dll
2017-05-11 19:57:17 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-05-11 19:57:16 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2017-05-11 19:57:16 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-05-11 19:57:16 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-05-11 19:57:15 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-11 19:57:14 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-05-11 19:57:13 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2017-05-11 19:57:13 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-05-11 19:57:13 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-05-11 19:57:13 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-11 19:57:13 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-11 19:57:13 ----A---- C:\WINDOWS\system32\CastLaunch.dll
2017-05-11 19:57:13 ----A---- C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-11 19:57:12 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-11 19:57:01 ----A---- C:\WINDOWS\system32\twinui.dll
2017-05-11 19:57:00 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-05-11 19:57:00 ----A---- C:\WINDOWS\system32\combase.dll
2017-05-11 19:56:59 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-05-11 19:56:59 ----A---- C:\WINDOWS\system32\mispace.dll
2017-05-11 19:56:58 ----A---- C:\WINDOWS\system32\storagewmi.dll
2017-05-11 19:56:58 ----A---- C:\WINDOWS\explorer.exe
2017-05-11 19:56:57 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2017-05-11 19:56:57 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-11 19:56:56 ----A---- C:\WINDOWS\system32\usermgr.dll
2017-05-11 19:56:56 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-05-11 19:56:56 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-11 19:56:55 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-05-11 19:56:55 ----A---- C:\WINDOWS\system32\OpcServices.dll
2017-05-11 19:56:55 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-05-11 19:56:55 ----A---- C:\WINDOWS\system32\actxprxy.dll
2017-05-11 19:56:54 ----A---- C:\WINDOWS\system32\wsp_sr.dll
2017-05-11 19:56:54 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-05-11 19:56:54 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-11 19:56:54 ----A---- C:\WINDOWS\system32\crypt32.dll
2017-05-11 19:56:53 ----A---- C:\WINDOWS\system32\uReFS.dll
2017-05-11 19:56:53 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-11 19:56:53 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-05-11 19:56:52 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-05-11 19:56:52 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-05-11 19:56:51 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2017-05-11 19:56:51 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-11 19:56:51 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-05-11 19:56:51 ----A---- C:\WINDOWS\system32\kernel32.dll
2017-05-11 19:56:51 ----A---- C:\WINDOWS\system32\authui.dll
2017-05-11 19:56:50 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-11 19:56:50 ----A---- C:\WINDOWS\system32\resutils.dll
2017-05-11 19:56:50 ----A---- C:\WINDOWS\system32\dafBth.dll
2017-05-11 19:56:50 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-05-11 19:56:50 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-05-11 19:56:50 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 19:56:49 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-11 19:56:49 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-05-11 19:56:48 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-05-11 19:56:48 ----A---- C:\WINDOWS\system32\securekernel.exe
2017-05-11 19:56:48 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-05-11 19:56:47 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-05-11 19:56:47 ----A---- C:\WINDOWS\system32\SpaceAgent.exe
2017-05-11 19:56:46 ----A---- C:\WINDOWS\system32\VSSVC.exe
2017-05-11 19:56:46 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-05-11 19:56:45 ----A---- C:\WINDOWS\system32\WinTypes.dll
2017-05-11 19:56:45 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-11 19:56:45 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-05-11 19:56:45 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2017-05-11 19:56:45 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-11 19:56:45 ----A---- C:\WINDOWS\system32\apprepsync.dll
2017-05-11 19:56:44 ----A---- C:\WINDOWS\system32\spwizeng.dll
2017-05-11 19:56:44 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-05-11 19:56:44 ----A---- C:\WINDOWS\system32\qedit.dll
2017-05-11 19:56:44 ----A---- C:\WINDOWS\system32\input.dll
2017-05-11 19:56:44 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2017-05-11 19:56:43 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-11 19:56:43 ----A---- C:\WINDOWS\system32\wimserv.exe
2017-05-11 19:56:43 ----A---- C:\WINDOWS\system32\wimgapi.dll
2017-05-11 19:56:43 ----A---- C:\WINDOWS\system32\sbe.dll
2017-05-11 19:56:43 ----A---- C:\WINDOWS\system32\dlnashext.dll
2017-05-11 19:56:43 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2017-05-11 19:56:42 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-05-11 19:56:42 ----A---- C:\WINDOWS\system32\wer.dll
2017-05-11 19:56:42 ----A---- C:\WINDOWS\system32\wbengine.exe
2017-05-11 19:56:42 ----A---- C:\WINDOWS\system32\msxml6.dll
2017-05-11 19:56:41 ----A---- C:\WINDOWS\system32\spaceman.exe
2017-05-11 19:56:41 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-05-11 19:56:41 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-05-11 19:56:41 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2017-05-11 19:56:41 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-11 19:56:40 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-11 19:56:40 ----A---- C:\WINDOWS\system32\virtdisk.dll
2017-05-11 19:56:40 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-05-11 19:56:40 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2017-05-11 19:56:40 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-05-11 19:56:39 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-11 19:56:39 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-11 19:56:39 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-05-11 19:56:39 ----A---- C:\WINDOWS\system32\invagent.dll
2017-05-11 19:56:39 ----A---- C:\WINDOWS\system32\devinv.dll
2017-05-11 19:56:39 ----A---- C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-11 19:56:39 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-05-11 19:56:38 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-11 19:56:38 ----A---- C:\WINDOWS\system32\CPFilters.dll
2017-05-11 19:56:38 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-11 19:56:38 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-05-11 19:56:37 ----A---- C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-05-11 19:56:37 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2017-05-11 19:56:37 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-11 19:56:37 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-11 19:56:37 ----A---- C:\WINDOWS\system32\bthserv.dll
2017-05-11 19:56:37 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-05-11 19:56:37 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-05-11 19:56:36 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-11 19:56:36 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-11 19:56:36 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-11 19:56:36 ----A---- C:\WINDOWS\system32\cryptui.dll
2017-05-11 19:56:36 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-05-11 19:56:35 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-11 19:56:35 ----A---- C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-11 19:56:35 ----A---- C:\WINDOWS\system32\Family.Client.dll
2017-05-11 19:56:35 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2017-05-11 19:56:35 ----A---- C:\WINDOWS\system32\apprepapi.dll
2017-05-11 19:56:34 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-05-11 19:56:34 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-11 19:56:34 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-11 19:56:34 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2017-05-11 19:56:33 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-11 19:56:32 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-05-11 19:56:32 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-11 19:56:32 ----A---- C:\WINDOWS\system32\LocationApi.dll
2017-05-11 19:56:31 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-05-11 19:56:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-11 19:56:31 ----A---- C:\WINDOWS\system32\imapi2.dll
2017-05-11 19:56:31 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2017-05-11 19:56:30 ----A---- C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-11 19:56:30 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-05-11 19:56:30 ----A---- C:\WINDOWS\system32\adsnt.dll
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\vds.exe
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\vaultcli.dll
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\oleacc.dll
2017-05-11 19:56:29 ----A---- C:\WINDOWS\system32\appidsvc.dll
2017-05-11 19:56:28 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-05-11 19:56:28 ----A---- C:\WINDOWS\system32\ConsentUX.dll
2017-05-11 19:56:28 ----A---- C:\WINDOWS\system32\cdp.dll
2017-05-11 19:56:27 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-11 19:56:27 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-05-11 19:56:27 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2017-05-11 19:56:27 ----A---- C:\WINDOWS\system32\BthTelemetry.dll
2017-05-11 19:56:27 ----A---- C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-11 19:56:26 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-05-11 19:56:26 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-11 19:56:26 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2017-05-11 19:56:26 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-11 19:56:26 ----A---- C:\WINDOWS\system32\atmlib.dll

====== List of files/folders modified in the last 1 month ======

2017-06-03 16:23:52 ----D---- C:\WINDOWS\Prefetch
2017-06-03 16:23:40 ----RD---- C:\Program Files
2017-06-03 16:21:59 ----D---- C:\WINDOWS\Temp
2017-06-03 16:20:56 ----D---- C:\WINDOWS\AppReadiness
2017-06-03 16:19:31 ----D---- C:\WINDOWS\System32
2017-06-03 16:19:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-03 16:18:06 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-06-03 16:15:45 ----D---- C:\Users\sabina\AppData\Roaming\Skype
2017-06-03 16:12:41 ----D---- C:\WINDOWS\system32\config
2017-06-03 16:12:17 ----D---- C:\WINDOWS\system32\sru
2017-06-03 16:12:13 ----D---- C:\WINDOWS\system32\SleepStudy
2017-05-16 21:01:53 ----D---- C:\WINDOWS\system32\DriverStore
2017-05-16 21:01:49 ----D---- C:\WINDOWS\WinSxS
2017-05-16 20:46:09 ----D---- C:\WINDOWS\system32\catroot2
2017-05-16 20:17:23 ----RD---- C:\WINDOWS\Microsoft.NET
2017-05-16 19:33:32 ----SD---- C:\Users\sabina\AppData\Roaming\Microsoft
2017-05-16 19:03:15 ----D---- C:\WINDOWS\CbsTemp
2017-05-16 19:03:13 ----D---- C:\WINDOWS\system32\appraiser
2017-05-16 18:49:19 ----D---- C:\WINDOWS\INF
2017-05-16 18:41:41 ----D---- C:\WINDOWS\system32\drivers
2017-05-15 20:26:44 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-05-15 20:26:44 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2017-05-15 20:26:43 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-05-15 20:26:43 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-05-15 20:26:43 ----D---- C:\WINDOWS\SYSWOW64\migration
2017-05-15 20:26:43 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-05-15 20:26:43 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-05-15 20:26:43 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-05-15 20:26:43 ----D---- C:\WINDOWS\SysWOW64
2017-05-15 20:26:30 ----D---- C:\WINDOWS\system32\wbem
2017-05-15 20:26:30 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2017-05-15 20:26:30 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-05-15 20:26:29 ----D---- C:\WINDOWS\system32\setup
2017-05-15 20:26:29 ----D---- C:\WINDOWS\system32\oobe
2017-05-15 20:26:28 ----SD---- C:\WINDOWS\system32\F12
2017-05-15 20:26:28 ----D---- C:\WINDOWS\system32\migration
2017-05-15 20:26:28 ----D---- C:\WINDOWS\system32\en-US
2017-05-15 20:26:28 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2017-05-15 20:26:27 ----D---- C:\WINDOWS\system32\Dism
2017-05-15 20:26:27 ----D---- C:\WINDOWS\system32\cs-CZ
2017-05-15 20:26:27 ----D---- C:\WINDOWS\system32\Boot
2017-05-15 20:26:09 ----RD---- C:\WINDOWS\PrintDialog
2017-05-15 20:26:09 ----D---- C:\WINDOWS\ShellExperiences
2017-05-15 20:26:09 ----D---- C:\WINDOWS\Provisioning
2017-05-15 20:26:09 ----D---- C:\WINDOWS\PolicyDefinitions
2017-05-15 20:26:08 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-05-15 20:26:07 ----D---- C:\WINDOWS\bcastdvr
2017-05-15 20:26:07 ----D---- C:\WINDOWS\AppPatch
2017-05-15 20:26:07 ----D---- C:\Windows
2017-05-15 20:26:07 ----D---- C:\Program Files\Windows Photo Viewer
2017-05-15 20:26:07 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-05-15 20:26:07 ----D---- C:\Program Files (x86)\Windows Mail
2017-05-15 20:26:07 ----D---- C:\Program Files (x86)\Windows Defender
2017-05-15 20:26:07 ----D---- C:\Program Files (x86)\Internet Explorer
2017-05-15 20:26:06 ----RD---- C:\Program Files\Windows Defender
2017-05-15 20:26:06 ----D---- C:\Program Files\Windows Mail
2017-05-15 20:26:06 ----D---- C:\Program Files\Internet Explorer
2017-05-15 19:58:45 ----SHD---- C:\System Volume Information
2017-05-15 19:58:44 ----HD---- C:\Program Files\WindowsApps
2017-05-15 19:58:34 ----SHD---- C:\WINDOWS\Installer
2017-05-15 19:58:31 ----D---- C:\ProgramData\Microsoft Help
2017-05-11 20:16:42 ----D---- C:\WINDOWS\system32\MRT
2017-05-11 20:14:48 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-05-11 18:24:54 ----D---- C:\WINDOWS\system32\Tasks
2017-05-11 18:19:26 ----AD---- C:\Program Files\Microsoft Silverlight
2017-05-11 18:19:26 ----AD---- C:\Program Files (x86)\Microsoft Silverlight

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2009-11-17 11576]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-01-13 11922944]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-01-13 359936]
R3 MTsensor;@oem10.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2013-05-17 17280]
R3 PAC207;@oem12.inf,%str_Description%;SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2016-07-16 46592]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-04-28 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-30 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
S3 USBAAPL64;@oem4.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2015-06-10 54784]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-01-13 238080]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-09-22 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPUserSvc_399ab;CDPUserSvc_399ab; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 OneSyncSvc_399ab;Hostitel synchronizace_399ab; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-01-19 651576]
R3 PimIndexMaintenanceSvc_399ab;Data kontaktů_399ab; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\TimeBrokerServer.dll
R3 UnistoreSvc_399ab;Úložiště uživatelských dat_399ab; C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_399ab;Služba zasílání zpráv_399ab; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[george.clunkers]

Zdravim, prikladam log:

# AdwCleaner v6.047 - Log vytvořen 03/06/2017 v 17:14:28
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-02.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : sabina - SABINA-PC
# Spuštěno z : C:\Users\sabina\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ratio.akcniceny.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.akcniceny.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ratio.akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.slunecnice.cz


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1887 Bajty] - [03/06/2017 17:14:28]
C:\AdwCleaner\AdwCleaner[S0].txt - [2322 Bajty] - [03/06/2017 17:14:11]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2033 Bajty] ##########

[Rudy]

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .