Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Divné chování, zpomalení, divně fungující js

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
papperwing
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 13 bře 2013 20:34

Divné chování, zpomalení, divně fungující js

#1 Příspěvek od papperwing »

Dobrý den,

potřeboval bych pomoci s počítačem, u nějž mám podezření na havěť.

Rsit:
Logfile of random's system information tool 1.10 (written by random/random)
Run by helen at 2017-10-15 22:17:51
Microsoft Windows 10 Home
System drive C: has 278 GB (65%) free of 430 GB
Total RAM: 4002 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:52, on 15.10.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.1715)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\helen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
C:\Users\helen\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Program Files\trend micro\helen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [OneDrive] "C:\Users\helen\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\helen\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\helen\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [PhotoMasterImportAgent] "C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe" importagent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\helen\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\helen\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\helen\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_2\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\helen\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_2\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem24.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @oem89.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc64.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13598 bytes

======Listing Processes======







winlogon.exe


C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9ea3b59f-b3ca-42ff-a22d-5cda968cf36b -SystemEventPortName:HostProcess-2ec5f151-be7c-4fe5-81eb-ed398cfa4f78 -IoCancelEventPortName:HostProcess-33980cd7-f495-4f91-8993-8b578db93d2b -NonStateChangingEventPortName:HostProcess-ea75ed7a-836f-46c2-b9e6-7c18f21c5761 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a4e2c9a3-5a4d-4b17-8c18-eb60477997c6 -DeviceGroupId:WudfDefaultDevicePool
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7f6f9c8c-7bc7-4d43-a420-cfa289f98378 -SystemEventPortName:HostProcess-fb83a888-f97f-420b-a6f1-85a3533b1022 -IoCancelEventPortName:HostProcess-2c06c480-c116-47da-8fea-ae5a9fbd6ad3 -NonStateChangingEventPortName:HostProcess-68633ca9-bf25-4838-9749-91505fd74944 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:108e96ef-2e7f-4de3-8ef4-f9ed7685b6c2 -DeviceGroupId:
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k NetworkService
dashost.exe {fea218cc-5b5e-4003-90655ef9c8ba7e2c}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Intel\BCA\pabeSvc64.exe"
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe"

"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe"

"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6624.0.1784645830\1620990183" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6624 "\\.\pipe\gecko-crash-server-pipe.6624" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6624.3.758596180\1430974991" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|33:20|34:10|43:128|44:10000|49:0|51:400|52:1|53:0|54:0|59:0|60:120|61:120|92:2|93:1|107:5000|118:0|120:0|131:10000|143:-1|148:128|149:10000|150:0|156:24|157:32768|159:0|160:0|168:5|172:1048576|173:100|174:5000|176:600|178:1|187:3|191:0|201:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|35:1|36:0|37:0|38:0|41:1|42:1|45:0|46:0|47:0|48:0|50:0|55:1|56:1|57:0|58:1|62:1|63:1|64:0|65:1|66:1|67:0|68:1|71:0|72:0|75:1|76:1|80:1|81:1|82:1|83:0|84:0|86:0|87:0|88:1|89:0|94:1|95:0|101:0|106:0|109:1|110:1|113:1|115:1|119:0|122:1|125:1|126:1|132:0|133:0|134:1|136:0|142:0|144:1|145:0|146:1|147:0|154:0|155:0|158:1|161:0|163:1|165:1|166:0|171:0|175:1|180:0|181:0|182:0|183:1|184:0|185:0|186:1|189:0|193:0|194:0|195:1|196:1|197:0|198:1|199:1|200:1|202:0|203:0|205:0|213:1|214:1|215:0|216:0|217:0| -stringPrefs "3:7;release|135:3;1.0|152:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|153:8;moderate|188:38;{ce083d01-9e4e-4381-ac34-223dd90903a5}|" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6624 "\\.\pipe\gecko-crash-server-pipe.6624" tab
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6624.12.1989355823\1701891157" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|33:20|34:10|43:128|44:10000|49:0|51:400|52:1|53:0|54:0|59:0|60:120|61:120|92:2|93:1|107:5000|118:0|120:0|131:10000|143:-1|148:128|149:10000|150:0|156:24|157:32768|159:0|160:0|168:5|172:1048576|173:100|174:5000|176:600|178:1|187:3|191:0|201:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|35:1|36:0|37:0|38:0|41:1|42:1|45:0|46:0|47:0|48:0|50:0|55:1|56:1|57:0|58:1|62:1|63:1|64:0|65:1|66:1|67:0|68:1|71:0|72:0|75:1|76:1|80:1|81:1|82:1|83:0|84:0|86:0|87:0|88:1|89:0|94:1|95:0|101:0|106:0|109:1|110:1|113:1|115:1|119:0|122:1|125:1|126:1|132:0|133:0|134:1|136:0|142:0|144:1|145:0|146:1|147:0|154:0|155:0|158:1|161:0|163:1|165:1|166:0|171:0|175:1|180:0|181:0|182:0|183:1|184:0|185:0|186:1|189:0|193:0|194:0|195:1|196:1|197:0|198:1|199:1|200:1|202:0|203:0|205:0|213:1|214:1|215:0|216:0|217:0| -stringPrefs "3:7;release|135:3;1.0|152:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|153:8;moderate|188:38;{ce083d01-9e4e-4381-ac34-223dd90903a5}|" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6624 "\\.\pipe\gecko-crash-server-pipe.6624" tab
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
AvastUI.exe /nogui
"C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Users\helen\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe" importagent
szndesktop.exe default start
"C:\Users\helen\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe"
"fontdrvhost.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\WINDOWS\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8600.40525.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe" -ServerName:microsoft.windowslive.calendar.AppXg9pag83k0brz0hvt3yj6hxda2h2y7w14.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8600.40525.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
taskhostw.exe
C:\WINDOWS\system32\WLANExt.exe 2294587659024
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
-name 93f64eef-9e09-4a50-8994-c02cda2c7845 -runas -pluginName LenovoAudioPlugin -pluginVersion 1.2.189.0
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x370
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\helen\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default

prefs.js - "browser.search.suggest.enabled" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.159 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.159 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll


C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-27 210112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-27 3229896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-27 149696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-27 2179272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-24 16412920]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-24 1415928]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-24 1415928]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-24 1415928]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-07-30 36352]
"Bluetooth"=C:\Program Files\Lenovo\Bluetooth Software\bttray.exe [2015-07-08 535808]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-12 253344]
"LenovoUtility"=C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [2017-07-27 911272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\helen\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-19 1686736]
"cz.seznam.software.autoupdate"=C:\Users\helen\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\helen\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"PhotoMasterImportAgent"=C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [2016-09-22 675608]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-07-18 3062560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\helen\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]
"Uninstall C:\Users\helen\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_2\amd64"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-10-14 17:42:21 ----D---- C:\ProgramData\TrueKey
2017-10-12 11:16:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2017-10-12 11:16:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 11:16:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2017-10-12 11:16:34 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2017-10-12 11:16:34 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2017-10-12 11:16:34 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-10-12 11:16:34 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2017-10-12 11:16:34 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-10-12 11:16:33 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\PCPTpm12.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2017-10-12 11:16:32 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2017-10-12 11:16:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2017-10-12 11:16:31 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-10-12 11:16:31 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2017-10-12 11:16:31 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2017-10-12 11:16:30 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2017-10-12 11:16:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2017-10-12 11:16:30 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2017-10-12 11:16:30 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-10-12 11:16:30 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-10-12 11:16:30 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2017-10-12 11:16:30 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2017-10-12 11:16:30 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2017-10-12 11:16:29 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-10-12 11:16:29 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-12 11:16:29 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2017-10-12 11:16:29 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-10-12 11:16:29 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2017-10-12 11:16:29 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2017-10-12 11:16:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-12 11:16:28 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-10-12 11:16:28 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-10-12 11:16:28 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-10-12 11:16:28 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-10-12 11:16:28 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2017-10-12 11:16:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-10-12 11:16:27 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-12 11:16:27 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2017-10-12 11:16:27 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-10-12 11:16:26 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2017-10-12 11:16:26 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2017-10-12 11:16:26 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-10-12 11:16:25 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-10-12 11:16:25 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2017-10-12 11:16:25 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-10-12 11:16:24 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-12 11:16:23 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-12 11:16:22 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2017-10-12 11:16:22 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2017-10-12 11:16:22 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2017-10-12 11:16:22 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2017-10-12 11:16:22 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-10-12 11:16:22 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-10-12 11:16:21 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-10-12 11:16:20 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2017-10-12 11:16:20 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2017-10-12 11:16:20 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2017-10-12 11:16:20 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2017-10-12 11:16:20 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-10-12 11:16:19 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-10-12 11:16:19 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2017-10-12 11:16:19 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-10-12 11:16:19 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-12 11:16:19 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-12 11:16:18 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2017-10-12 11:16:18 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-10-12 11:16:18 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-10-12 11:16:18 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2017-10-12 11:16:18 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-12 11:16:17 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-10-12 11:16:17 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-12 11:16:17 ----A---- C:\WINDOWS\SYSWOW64\mcbuilder.exe
2017-10-12 11:16:17 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-10-12 11:16:17 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2017-10-12 11:16:17 ----A---- C:\WINDOWS\SYSWOW64\dinput8.dll
2017-10-12 11:16:17 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2017-10-12 11:16:17 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2017-10-12 11:16:17 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2017-10-12 11:16:17 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-10-12 11:16:16 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2017-10-12 11:16:16 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2017-10-12 11:16:16 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-10-12 11:16:16 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-10-12 11:16:16 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-12 11:16:16 ----A---- C:\WINDOWS\SYSWOW64\dinput.dll
2017-10-12 11:16:16 ----A---- C:\WINDOWS\SYSWOW64\certreq.exe
2017-10-12 11:16:16 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-10-12 11:16:15 ----A---- C:\WINDOWS\SYSWOW64\netprofm.dll
2017-10-12 11:16:15 ----A---- C:\WINDOWS\SYSWOW64\MSWB7.dll
2017-10-12 11:16:15 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2017-10-12 11:16:15 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollUI.dll
2017-10-12 11:16:15 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2017-10-12 11:16:15 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-10-12 11:16:15 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-10-12 11:16:14 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2017-10-12 11:16:14 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2017-10-12 11:16:14 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-12 11:16:13 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-10-12 11:16:13 ----A---- C:\WINDOWS\system32\CertEnrollUI.dll
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\usocore.dll
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\mfps.dll
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\EmailApis.dll
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2017-10-12 11:16:12 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-10-12 11:16:11 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-10-12 11:16:11 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-10-12 11:16:11 ----A---- C:\WINDOWS\system32\ChatApis.dll
2017-10-12 11:16:11 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-10-12 11:16:10 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-12 11:16:10 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-10-12 11:16:10 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-10-12 11:16:09 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-10-12 11:16:09 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-10-12 11:16:09 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-10-12 11:16:09 ----A---- C:\WINDOWS\system32\mstsc.exe
2017-10-12 11:16:08 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-10-12 11:16:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-10-12 11:16:08 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-10-12 11:16:07 ----A---- C:\WINDOWS\system32\wlansvc.dll
2017-10-12 11:16:07 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2017-10-12 11:16:06 ----A---- C:\WINDOWS\system32\Unistore.dll
2017-10-12 11:16:06 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-10-12 11:16:06 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-10-12 11:16:06 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-10-12 11:16:05 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-10-12 11:16:05 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-10-12 11:16:05 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-12 11:16:04 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-12 11:16:03 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-10-12 11:16:03 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-10-12 11:16:02 ----A---- C:\WINDOWS\system32\VCardParser.dll
2017-10-12 11:16:02 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2017-10-12 11:16:02 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2017-10-12 11:16:02 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-10-12 11:16:01 ----A---- C:\WINDOWS\system32\wlansec.dll
2017-10-12 11:16:01 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-10-12 11:16:01 ----A---- C:\WINDOWS\system32\sspicli.dll
2017-10-12 11:16:01 ----A---- C:\WINDOWS\system32\puiobj.dll
2017-10-12 11:16:01 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-10-12 11:16:01 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-10-12 11:16:01 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-10-12 11:16:00 ----A---- C:\WINDOWS\system32\umrdp.dll
2017-10-12 11:16:00 ----A---- C:\WINDOWS\system32\termsrv.dll
2017-10-12 11:16:00 ----A---- C:\WINDOWS\system32\sspisrv.dll
2017-10-12 11:16:00 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2017-10-12 11:16:00 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2017-10-12 11:16:00 ----A---- C:\WINDOWS\system32\lsass.exe
2017-10-12 11:15:48 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2017-10-12 11:15:48 ----A---- C:\WINDOWS\system32\AppointmentActivation.dll
2017-10-12 11:15:47 ----A---- C:\WINDOWS\system32\wksprt.exe
2017-10-12 11:15:47 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-10-12 11:15:46 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-10-12 11:15:45 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-12 11:15:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-12 11:15:44 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-10-12 11:15:44 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-12 11:15:44 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-10-12 11:15:43 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-12 11:15:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-12 11:15:42 ----A---- C:\WINDOWS\system32\netshell.dll
2017-10-12 11:15:42 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2017-10-12 11:15:42 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-10-12 11:15:41 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-10-12 11:15:41 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-12 11:15:41 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-10-12 11:15:40 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2017-10-12 11:15:40 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-10-12 11:15:40 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2017-10-12 11:15:40 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2017-10-12 11:15:40 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-10-12 11:15:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-12 11:15:38 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-12 11:15:38 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-12 11:15:37 ----A---- C:\WINDOWS\system32\shutdownux.dll
2017-10-12 11:15:37 ----A---- C:\WINDOWS\system32\msdtctm.dll
2017-10-12 11:15:37 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-10-12 11:15:37 ----A---- C:\WINDOWS\system32\dnsapi.dll
2017-10-12 11:15:36 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2017-10-12 11:15:36 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2017-10-12 11:15:36 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2017-10-12 11:15:36 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-10-12 11:15:36 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-10-12 11:15:36 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2017-10-12 11:15:35 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-10-12 11:15:35 ----A---- C:\WINDOWS\system32\msftedit.dll
2017-10-12 11:15:35 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-10-12 11:15:35 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-10-12 11:15:32 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-10-12 11:15:32 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-10-12 11:15:32 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-10-12 11:15:32 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-10-12 11:15:32 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-10-12 11:15:31 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-10-12 11:15:31 ----A---- C:\WINDOWS\system32\domgmt.dll
2017-10-12 11:15:30 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-10-12 11:15:29 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-10-12 11:15:29 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2017-10-12 11:15:28 ----A---- C:\WINDOWS\system32\jscript.dll
2017-10-12 11:15:28 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2017-10-12 11:15:28 ----A---- C:\WINDOWS\system32\dinput8.dll
2017-10-12 11:15:27 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-10-12 11:15:27 ----A---- C:\WINDOWS\system32\rpchttp.dll
2017-10-12 11:15:27 ----A---- C:\WINDOWS\system32\ChxAPDS.dll
2017-10-12 11:15:27 ----A---- C:\WINDOWS\system32\ChtHkStrokeDS.dll
2017-10-12 11:15:27 ----A---- C:\WINDOWS\system32\ChtCangjieDS.dll
2017-10-12 11:15:27 ----A---- C:\WINDOWS\system32\dinput.dll
2017-10-12 11:15:27 ----A---- C:\WINDOWS\system32\comuid.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\VocabRoamingHandler.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\trie.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\StaticDictDS.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\msimeChsPinyinMainDS.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\jpnranker.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\jpndecoder.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\chxinputrouter.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\ChxHAPDS.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\ChtQuickDS.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\ChsStrokeDS.dll
2017-10-12 11:15:26 ----A---- C:\WINDOWS\system32\ChsPinyinRanker.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\TransliterationRanker.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\RuleBasedDS.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\MTFSpellcheckDS.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\MTFFuzzyDS.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\MtfDecoder.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\jpninputrouter.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\IHDS.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\chxranker.dll
2017-10-12 11:15:25 ----A---- C:\WINDOWS\system32\EmojiDS.dll
2017-10-12 11:15:23 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-10-12 11:15:23 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-10-12 11:15:23 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-12 11:15:22 ----A---- C:\WINDOWS\system32\PCPTpm12.dll
2017-10-12 11:15:22 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2017-10-12 11:15:22 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2017-10-12 11:15:22 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-10-12 11:15:21 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-10-12 11:15:21 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-10-12 11:15:21 ----A---- C:\WINDOWS\system32\offlinesam.dll
2017-10-12 11:15:21 ----A---- C:\WINDOWS\system32\mispace.dll
2017-10-12 11:15:21 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-10-12 11:15:21 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-12 11:15:20 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-10-12 11:15:20 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-10-12 11:15:20 ----A---- C:\WINDOWS\system32\msxml6.dll
2017-10-12 11:15:20 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-10-12 11:15:19 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-10-12 11:15:19 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2017-10-12 11:15:19 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2017-10-12 11:15:19 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-10-12 11:15:19 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-12 11:15:18 ----A---- C:\WINDOWS\system32\wsp_health.dll
2017-10-12 11:15:18 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-10-12 11:15:18 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-10-12 11:15:18 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-10-12 11:15:18 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-10-12 11:15:17 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-12 11:15:17 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-10-12 11:15:17 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-10-12 11:15:16 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2017-10-12 11:15:16 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-12 11:15:14 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-12 11:15:13 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-10-12 11:15:13 ----A---- C:\WINDOWS\system32\apprepsync.dll
2017-10-12 11:15:13 ----A---- C:\WINDOWS\system32\apprepapi.dll
2017-10-12 11:15:13 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-10-12 11:15:12 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2017-10-12 11:15:12 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-10-12 11:15:11 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-10-12 11:15:11 ----A---- C:\WINDOWS\system32\msctf.dll
2017-10-12 11:15:11 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-10-12 11:15:10 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-10-12 11:15:09 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-10-12 11:15:09 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-10-12 11:15:09 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-12 11:15:09 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-12 11:15:08 ----A---- C:\WINDOWS\system32\webio.dll
2017-10-12 11:15:08 ----A---- C:\WINDOWS\system32\user32.dll
2017-10-12 11:15:07 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-10-12 11:15:07 ----A---- C:\WINDOWS\system32\Wldap32.dll
2017-10-12 11:15:07 ----A---- C:\WINDOWS\system32\mcbuilder.exe
2017-10-12 11:15:07 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-10-12 11:15:05 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2017-10-12 11:15:05 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-10-12 11:15:05 ----A---- C:\WINDOWS\system32\certutil.exe
2017-10-12 11:15:04 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2017-10-12 11:15:04 ----A---- C:\WINDOWS\system32\AppContracts.dll
2017-10-12 11:15:03 ----A---- C:\WINDOWS\system32\TabSvc.dll
2017-10-12 11:15:03 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-10-12 11:15:03 ----A---- C:\WINDOWS\system32\MSWB7.dll
2017-10-12 11:15:03 ----A---- C:\WINDOWS\system32\dsregcmd.exe
2017-10-12 11:15:03 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-10-12 11:15:03 ----A---- C:\WINDOWS\system32\authz.dll
2017-10-12 11:15:02 ----A---- C:\WINDOWS\system32\netprofm.dll
2017-10-12 11:15:02 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2017-10-12 11:15:02 ----A---- C:\WINDOWS\system32\certreq.exe
2017-10-12 09:14:45 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-10-12 09:07:53 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-10 10:34:29 ----D---- C:\ProgramData\SWCUTemp
2017-10-07 14:56:42 ----A---- C:\WINDOWS\system32\ImController.InfInstaller.exe
2017-10-07 14:56:42 ----A---- C:\WINDOWS\system32\ImController.CoInstaller.dll
2017-10-07 14:56:22 ----A---- C:\WINDOWS\system32\WudfUpdate_01011.dll
2017-09-29 16:59:49 ----AD---- C:\Program Files\rempl
2017-09-21 23:14:18 ----D---- C:\ProgramData\McAfee Security Scan

======List of files/folders modified in the last 1 month======

2017-10-15 22:17:52 ----D---- C:\Program Files\trend micro
2017-10-15 22:17:28 ----D---- C:\WINDOWS\Prefetch
2017-10-15 22:15:45 ----D---- C:\WINDOWS\Temp
2017-10-15 21:36:10 ----D---- C:\WINDOWS\system32\sru
2017-10-15 21:35:38 ----D---- C:\WINDOWS\system32\SleepStudy
2017-10-15 15:47:08 ----D---- C:\WINDOWS\system32\NDF
2017-10-15 12:53:46 ----D---- C:\WINDOWS\rescache
2017-10-15 12:47:35 ----RD---- C:\WINDOWS\Microsoft.NET
2017-10-15 10:54:08 ----D---- C:\Users\helen\AppData\Roaming\vlc
2017-10-15 10:25:57 ----D---- C:\WINDOWS\system32\config
2017-10-15 09:31:29 ----D---- C:\WINDOWS\system32\drivers
2017-10-14 21:05:01 ----D---- C:\WINDOWS\AppReadiness
2017-10-14 20:00:51 ----D---- C:\WINDOWS\system32\DriverStore
2017-10-14 20:00:50 ----D---- C:\WINDOWS\WinSxS
2017-10-14 17:42:21 ----HD---- C:\ProgramData
2017-10-14 13:42:15 ----D---- C:\WINDOWS\system32\catroot2
2017-10-14 09:52:33 ----D---- C:\Program Files (x86)\Steam
2017-10-13 20:33:02 ----HD---- C:\Program Files\WindowsApps
2017-10-13 20:15:35 ----RSD---- C:\WINDOWS\assembly
2017-10-13 20:11:40 ----SHD---- C:\System Volume Information
2017-10-13 18:53:42 ----SHDC---- C:\WINDOWS\Installer
2017-10-13 18:52:27 ----D---- C:\Users\helen\AppData\Roaming\Seznam.cz
2017-10-13 18:46:54 ----D---- C:\WINDOWS\System32
2017-10-13 18:46:54 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-13 18:46:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-13 18:40:22 ----D---- C:\WINDOWS\INF
2017-10-13 18:39:20 ----D---- C:\Windows
2017-10-12 23:16:50 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-10-12 23:16:50 ----D---- C:\WINDOWS\SysWOW64
2017-10-12 23:16:48 ----D---- C:\WINDOWS\system32\oobe
2017-10-12 23:16:48 ----D---- C:\WINDOWS\system32\en-US
2017-10-12 23:16:46 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-10-12 23:16:46 ----D---- C:\WINDOWS\ShellExperiences
2017-10-12 23:16:46 ----D---- C:\WINDOWS\AppPatch
2017-10-12 23:16:46 ----D---- C:\Program Files\Windows Mail
2017-10-12 23:16:46 ----D---- C:\Program Files (x86)\Windows Mail
2017-10-12 11:32:06 ----D---- C:\WINDOWS\CbsTemp
2017-10-12 09:15:27 ----D---- C:\WINDOWS\system32\Tasks
2017-10-12 09:14:40 ----D---- C:\ProgramData\AVAST Software
2017-10-12 09:10:49 ----D---- C:\WINDOWS\system32\MRT
2017-10-12 09:07:35 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-10-10 16:06:27 ----D---- C:\WINDOWS\system32\Macromed
2017-10-10 16:06:26 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-10-09 16:14:27 ----D---- C:\WINDOWS\Minidump
2017-10-09 16:14:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-09 16:14:25 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-10-09 16:11:47 ----D---- C:\Users\helen\AppData\Roaming\qBittorrent
2017-10-07 14:56:46 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-10-07 14:56:18 ----D---- C:\WINDOWS\Logs
2017-09-29 16:59:49 ----RD---- C:\Program Files
2017-09-27 20:05:15 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-09-27 20:04:40 ----D---- C:\Program Files (x86)\Common Files
2017-09-27 20:03:10 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-09-21 23:14:26 ----D---- C:\Program Files\McAfee Security Scan

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-10-12 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-10-12 343288]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-10-12 57736]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-10-12 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-10-12 363440]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-07-30 1462720]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-10-12 321032]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-07 41832]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-10-12 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-10-12 1020536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-10-12 587168]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-10-12 147776]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-10-12 201352]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 ACPIVPC;@oem7.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-06-15 42328]
R3 bcbtums;@oem24.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2015-07-03 199472]
R3 BCMWL63A;@oem14.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2015-05-26 11134472]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-20 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2017-07-12 250880]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-07 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-20 84992]
R3 btwampfl;@oem24.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2015-07-08 205608]
R3 btwaudio;@oem9.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2015-07-08 220448]
R3 btwavdt;@oem9.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\WINDOWS\system32\drivers\btwavdt.sys [2015-07-08 239392]
R3 btwl2cap;@oem12.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2015-07-08 48984]
R3 iaLPSS_GPIO;@oem4.inf,%iaLPSS_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Driver; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [2015-06-15 46856]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-05-02 7970288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-06-24 4601080]
R3 MEIx64;@oem22.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-12 183584]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@oem6.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 rtsuvc;@oem26.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-05-29 3049176]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2017-01-23 72800]
R3 SynTP;@oem50.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2017-01-23 912992]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-06-21 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-10-12 47008]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2017-04-28 967680]
S3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2015-07-08 47392]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem86.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 IntcDAud;@oem48.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\System32\drivers\NETwew01.sys [2015-07-10 3354384]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2017-07-12 124928]
S3 ssudmdm;@oem87.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-12 281416]
R2 BcmBtRSupport;@oem24.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2015-07-08 2269440]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2015-07-08 980224]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_1a29f2;CDPUserSvc_1a29f2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-09-08 7761608]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-07-27 18856]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-05-02 373736]
R2 ImControllerService;@oem89.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08 68416]
R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc64.exe [2016-05-06 3026584]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-06-24 223008]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-06-24 411936]
R2 OneSyncSvc_1a29f2;Sync Host_1a29f2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-12-03 743688]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-01-23 267360]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-10-12 7446024]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-26 43696]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_1a29f2;Contact Data_1a29f2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-19 153752]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-10 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-05-02 301552]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-19 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [2017-09-05 404376]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_1a29f2;MessagingService_1a29f2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-05 175568]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-08 213704]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-04 1312768]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-07-18 1608480]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

Děkuji mockrát za pomoc

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Divné chování, zpomalení, divně fungující js

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

papperwing
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 13 bře 2013 20:34

Re: Divné chování, zpomalení, divně fungující js

#3 Příspěvek od papperwing »

# AdwCleaner 7.0.3.1 - Logfile created on Mon Oct 16 19:48:32 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/10/16 19:45:24]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Divné chování, zpomalení, divně fungující js

#4 Příspěvek od Rudy »

Toto je OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

papperwing
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 13 bře 2013 20:34

Re: Divné chování, zpomalení, divně fungující js

#5 Příspěvek od papperwing »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2017
Ran by helen (administrator) on LAPTOP-S2PCB5HK (16-10-2017 22:12:35)
Running from C:\Users\helen\Desktop
Loaded Profiles: helen (Available Profiles: helen)
Platform: Windows 10 Home Version 1607 170917-1700 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
() C:\Users\helen\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
() C:\Users\helen\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\helen\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412920 2016-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [Bluetooth] => C:\Program Files\Lenovo\Bluetooth Software\bttray.exe [535808 2015-07-08] (Broadcom Corporation.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-12] (AVAST Software)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\helen\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\helen\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp.)
HKU\S-1-5-21-31940000-418457942-2495688642-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-21]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 176.74.128.10 176.74.128.11
Tcpip\..\Interfaces\{4dd19970-c1e3-4507-8169-91ee19f3688d}: [DhcpNameServer] 176.74.128.10 176.74.128.11

Internet Explorer:
==================
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-27] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-27] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-27] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-27] (Microsoft Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-27] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-27] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-27] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-27] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: hkkqchdr.default
FF ProfilePath: C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default [2017-10-16]
FF Extension: (Firefox Hotfix) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-03-10]
FF Extension: (Avast SafePrice) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\sp@avast.com.xpi [2017-10-14]
FF Extension: (Avast Online Security) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\wrc@avast.com.xpi [2017-10-12]
FF Extension: (Adblock Plus) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Seznam lištička) - C:\Users\helen\AppData\Roaming\Mozilla\Firefox\Profiles\hkkqchdr.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-10-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-27] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default [2017-10-16]
CHR Extension: (Google Slides) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-19]
CHR Extension: (Google Docs) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-19]
CHR Extension: (Google Drive) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-19]
CHR Extension: (Seznam Lištička - Email) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-03-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-03-20]
CHR Extension: (YouTube) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-19]
CHR Extension: (Avast SafePrice) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-19]
CHR Extension: (Google Sheets) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-19]
CHR Extension: (Google Docs Offline) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-14]
CHR Extension: (Avast Online Security) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-19]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-03-20]
CHR Extension: (Gmail) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\helen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-12] (AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2269440 2015-07-08] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [980224 2015-07-08] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761608 2017-09-08] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373736 2017-05-02] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68416 2017-09-08] (Lenovo Group Limited)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267360 2017-01-23] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-12] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-12] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-12] (AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [199472 2015-07-03] (Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11134472 2015-05-26] (Broadcom Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72800 2017-01-23] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-16 22:12 - 2017-10-16 22:13 - 000021049 _____ C:\Users\helen\Desktop\FRST.txt
2017-10-16 22:12 - 2017-10-16 22:12 - 000000000 ____D C:\FRST
2017-10-16 22:10 - 2017-10-16 22:10 - 000112640 _____ (forum.viry.cz) C:\Users\helen\Desktop\FRSTLauncher.exe
2017-10-16 22:10 - 2017-10-16 22:10 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-16 22:09 - 2017-10-16 22:09 - 002401792 _____ (Farbar) C:\Users\helen\Desktop\FRST64.exe
2017-10-16 21:44 - 2017-10-16 21:48 - 000000000 ____D C:\AdwCleaner
2017-10-16 21:43 - 2017-10-16 21:43 - 008250832 _____ (Malwarebytes) C:\Users\helen\Desktop\adwcleaner_7.0.3.1.exe
2017-10-15 01:35 - 2017-10-15 01:35 - 000954518 _____ C:\Users\helen\Downloads\Výroční zpráva Studentští poradci 2016.pdf
2017-10-14 17:42 - 2017-10-14 17:42 - 000000000 ____D C:\ProgramData\TrueKey
2017-10-12 11:16 - 2017-09-18 05:27 - 000218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-10-12 11:16 - 2017-09-18 05:09 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-12 11:16 - 2017-09-18 05:09 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-12 11:16 - 2017-09-18 05:08 - 000998920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-12 11:16 - 2017-09-18 05:05 - 001177688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-12 11:16 - 2017-09-18 05:05 - 000497424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-12 11:16 - 2017-09-18 05:05 - 000172536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-12 11:16 - 2017-09-18 05:04 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-12 11:16 - 2017-09-18 05:04 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-12 11:16 - 2017-09-18 05:03 - 000791272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-12 11:16 - 2017-09-18 05:02 - 007213464 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-12 11:16 - 2017-09-18 05:02 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-10-12 11:16 - 2017-09-18 05:00 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-10-12 11:16 - 2017-09-18 04:59 - 022220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-12 11:16 - 2017-09-18 04:59 - 008173672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-12 11:16 - 2017-09-18 04:59 - 004260072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-10-12 11:16 - 2017-09-18 04:59 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-10-12 11:16 - 2017-09-18 04:59 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-10-12 11:16 - 2017-09-18 04:59 - 000341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-12 11:16 - 2017-09-18 04:56 - 000057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-12 11:16 - 2017-09-18 04:55 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-12 11:16 - 2017-09-18 04:55 - 001431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-10-12 11:16 - 2017-09-18 04:54 - 001980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-10-12 11:16 - 2017-09-18 04:52 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-12 11:16 - 2017-09-18 04:52 - 006672680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-12 11:16 - 2017-09-18 04:52 - 004023560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-10-12 11:16 - 2017-09-18 04:52 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-10-12 11:16 - 2017-09-18 04:52 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-10-12 11:16 - 2017-09-18 04:52 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-10-12 11:16 - 2017-09-18 04:52 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-10-12 11:16 - 2017-09-18 04:51 - 000178016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-12 11:16 - 2017-09-18 04:49 - 001435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-12 11:16 - 2017-09-18 04:49 - 001412128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-12 11:16 - 2017-09-18 04:49 - 001260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-12 11:16 - 2017-09-18 04:48 - 000117792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-12 11:16 - 2017-09-18 04:35 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-10-12 11:16 - 2017-09-18 04:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-10-12 11:16 - 2017-09-18 04:33 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-12 11:16 - 2017-09-18 04:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-10-12 11:16 - 2017-09-18 04:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-12 11:16 - 2017-09-18 04:32 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-12 11:16 - 2017-09-18 04:31 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-10-12 11:16 - 2017-09-18 04:31 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-10-12 11:16 - 2017-09-18 04:31 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-12 11:16 - 2017-09-18 04:31 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-10-12 11:16 - 2017-09-18 04:31 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-12 11:16 - 2017-09-18 04:30 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-12 11:16 - 2017-09-18 04:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-10-12 11:16 - 2017-09-18 04:29 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-12 11:16 - 2017-09-18 04:29 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-10-12 11:16 - 2017-09-18 04:29 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-10-12 11:16 - 2017-09-18 04:28 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-12 11:16 - 2017-09-18 04:28 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-10-12 11:16 - 2017-09-18 04:28 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-10-12 11:16 - 2017-09-18 04:27 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-10-12 11:16 - 2017-09-18 04:27 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-10-12 11:16 - 2017-09-18 04:27 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-10-12 11:16 - 2017-09-18 04:27 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-10-12 11:16 - 2017-09-18 04:27 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-12 11:16 - 2017-09-18 04:27 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-10-12 11:16 - 2017-09-18 04:27 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-12 11:16 - 2017-09-18 04:26 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-10-12 11:16 - 2017-09-18 04:26 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-10-12 11:16 - 2017-09-18 04:26 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-12 11:16 - 2017-09-18 04:26 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-12 11:16 - 2017-09-18 04:26 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-10-12 11:16 - 2017-09-18 04:26 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-10-12 11:16 - 2017-09-18 04:26 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-12 11:16 - 2017-09-18 04:26 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-10-12 11:16 - 2017-09-18 04:25 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-10-12 11:16 - 2017-09-18 04:25 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-12 11:16 - 2017-09-18 04:24 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-12 11:16 - 2017-09-18 04:24 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-10-12 11:16 - 2017-09-18 04:24 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-10-12 11:16 - 2017-09-18 04:24 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-12 11:16 - 2017-09-18 04:24 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-12 11:16 - 2017-09-18 04:23 - 000857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-10-12 11:16 - 2017-09-18 04:23 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-10-12 11:16 - 2017-09-18 04:23 - 000636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-10-12 11:16 - 2017-09-18 04:23 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-10-12 11:16 - 2017-09-18 04:23 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-12 11:16 - 2017-09-18 04:23 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-10-12 11:16 - 2017-09-18 04:22 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-12 11:16 - 2017-09-18 04:22 - 001137664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-12 11:16 - 2017-09-18 04:20 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-12 11:16 - 2017-09-18 04:20 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-10-12 11:16 - 2017-09-18 04:20 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-10-12 11:16 - 2017-09-18 04:19 - 002750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-10-12 11:16 - 2017-09-18 04:19 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-12 11:16 - 2017-09-18 04:19 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-12 11:16 - 2017-09-18 04:19 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-12 11:16 - 2017-09-18 04:18 - 008077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-12 11:16 - 2017-09-18 04:18 - 007470592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-12 11:16 - 2017-09-18 04:18 - 001145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-10-12 11:16 - 2017-09-18 04:18 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-10-12 11:16 - 2017-09-18 04:17 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-12 11:16 - 2017-09-18 04:17 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-10-12 11:16 - 2017-09-18 04:16 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-10-12 11:16 - 2017-09-18 04:16 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-10-12 11:16 - 2017-09-18 04:15 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-10-12 11:16 - 2017-09-18 04:15 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-10-12 11:16 - 2017-09-18 04:14 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-12 11:16 - 2017-09-18 04:14 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 000983552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-10-12 11:16 - 2017-09-18 04:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-10-12 11:16 - 2017-09-18 04:14 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-12 11:16 - 2017-09-18 04:13 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-10-12 11:16 - 2017-09-18 04:13 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-10-12 11:16 - 2017-09-18 04:13 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-10-12 11:16 - 2017-09-18 04:13 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-10-12 11:16 - 2017-09-18 04:13 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-10-12 11:16 - 2017-09-18 04:13 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-10-12 11:16 - 2017-09-18 04:13 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2017-10-12 11:16 - 2017-09-18 04:12 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-10-12 11:16 - 2017-09-18 04:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-12 11:16 - 2017-09-18 04:11 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-10-12 11:16 - 2017-09-18 04:11 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-12 11:16 - 2017-09-15 01:05 - 001302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-10-12 11:16 - 2017-09-15 00:59 - 000096064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-10-12 11:16 - 2017-09-15 00:52 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-10-12 11:16 - 2017-09-15 00:49 - 001202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-10-12 11:16 - 2017-09-15 00:34 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-10-12 11:16 - 2017-09-15 00:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2017-10-12 11:16 - 2017-09-15 00:32 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 11:16 - 2017-09-15 00:31 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-12 11:16 - 2017-09-15 00:30 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-10-12 11:16 - 2017-09-15 00:30 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2017-10-12 11:16 - 2017-09-15 00:30 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB7.dll
2017-10-12 11:16 - 2017-09-15 00:30 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-10-12 11:16 - 2017-09-15 00:30 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-10-12 11:16 - 2017-09-15 00:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 11:16 - 2017-09-15 00:28 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-10-12 11:16 - 2017-09-15 00:28 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-10-12 11:16 - 2017-09-15 00:27 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-10-12 11:16 - 2017-09-15 00:26 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-10-12 11:16 - 2017-09-15 00:26 - 000636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-10-12 11:16 - 2017-09-15 00:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2017-10-12 11:16 - 2017-09-15 00:25 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-10-12 11:16 - 2017-09-15 00:22 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-10-12 11:16 - 2017-09-15 00:18 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-12 11:16 - 2017-09-15 00:18 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2017-10-12 11:16 - 2017-09-15 00:15 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-12 11:16 - 2017-09-14 04:04 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-12 11:16 - 2017-09-14 04:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-12 11:16 - 2017-09-14 04:04 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-12 11:16 - 2017-03-04 08:28 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-10-12 11:16 - 2017-03-04 08:25 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-10-12 11:16 - 2017-03-04 08:24 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-10-12 11:16 - 2017-03-04 08:23 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-10-12 11:16 - 2017-03-04 08:23 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-10-12 11:16 - 2017-03-04 08:18 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-10-12 11:16 - 2017-03-04 08:16 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-10-12 11:16 - 2017-03-04 08:00 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-10-12 11:16 - 2017-03-04 08:00 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-10-12 11:16 - 2016-08-27 07:12 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-10-12 11:15 - 2017-09-18 05:17 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-10-12 11:15 - 2017-09-18 05:17 - 000245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-10-12 11:15 - 2017-09-18 05:17 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-10-12 11:15 - 2017-09-18 05:09 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-12 11:15 - 2017-09-18 05:09 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-12 11:15 - 2017-09-18 05:08 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-12 11:15 - 2017-09-18 05:05 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-10-12 11:15 - 2017-09-18 05:04 - 000404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-12 11:15 - 2017-09-18 05:01 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-10-12 11:15 - 2017-09-18 05:01 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-12 11:15 - 2017-09-18 05:01 - 000431456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-10-12 11:15 - 2017-09-18 05:01 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-12 11:15 - 2017-09-18 04:59 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-10-12 11:15 - 2017-09-18 04:58 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-10-12 11:15 - 2017-09-18 04:58 - 000206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-12 11:15 - 2017-09-18 04:57 - 001566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-12 11:15 - 2017-09-18 04:57 - 001460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-12 11:15 - 2017-09-18 04:57 - 001415712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-12 11:15 - 2017-09-18 04:36 - 022570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-12 11:15 - 2017-09-18 04:33 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll
2017-10-12 11:15 - 2017-09-18 04:32 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-12 11:15 - 2017-09-18 04:32 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll
2017-10-12 11:15 - 2017-09-18 04:32 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll
2017-10-12 11:15 - 2017-09-18 04:31 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll
2017-10-12 11:15 - 2017-09-18 04:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll
2017-10-12 11:15 - 2017-09-18 04:30 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-12 11:15 - 2017-09-18 04:30 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-10-12 11:15 - 2017-09-18 04:30 - 000174592 _____ C:\WINDOWS\system32\IHDS.dll
2017-10-12 11:15 - 2017-09-18 04:30 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll
2017-10-12 11:15 - 2017-09-18 04:30 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StaticDictDS.dll
2017-10-12 11:15 - 2017-09-18 04:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-10-12 11:15 - 2017-09-18 04:30 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll
2017-10-12 11:15 - 2017-09-18 04:29 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-12 11:15 - 2017-09-18 04:29 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll
2017-10-12 11:15 - 2017-09-18 04:29 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-10-12 11:15 - 2017-09-18 04:28 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll
2017-10-12 11:15 - 2017-09-18 04:28 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsPinyinRanker.dll
2017-10-12 11:15 - 2017-09-18 04:28 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll
2017-10-12 11:15 - 2017-09-18 04:28 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-10-12 11:15 - 2017-09-18 04:28 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-10-12 11:15 - 2017-09-18 04:28 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-10-12 11:15 - 2017-09-18 04:28 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimeChsPinyinMainDS.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-10-12 11:15 - 2017-09-18 04:27 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-12 11:15 - 2017-09-18 04:26 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-10-12 11:15 - 2017-09-18 04:26 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-10-12 11:15 - 2017-09-18 04:26 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2017-10-12 11:15 - 2017-09-18 04:26 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-12 11:15 - 2017-09-18 04:26 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-10-12 11:15 - 2017-09-18 04:26 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-10-12 11:15 - 2017-09-18 04:26 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-10-12 11:15 - 2017-09-18 04:26 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-10-12 11:15 - 2017-09-18 04:25 - 001914368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-12 11:15 - 2017-09-18 04:25 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-12 11:15 - 2017-09-18 04:25 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-12 11:15 - 2017-09-18 04:25 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-10-12 11:15 - 2017-09-18 04:24 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-12 11:15 - 2017-09-18 04:24 - 002103808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-10-12 11:15 - 2017-09-18 04:24 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-10-12 11:15 - 2017-09-18 04:24 - 001584640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-12 11:15 - 2017-09-18 04:23 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-10-12 11:15 - 2017-09-18 04:22 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-10-12 11:15 - 2017-09-18 04:22 - 003291648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-10-12 11:15 - 2017-09-18 04:22 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-10-12 11:15 - 2017-09-18 04:22 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-12 11:15 - 2017-09-18 04:22 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-12 11:15 - 2017-09-18 04:21 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-12 11:15 - 2017-09-18 04:20 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-12 11:15 - 2017-09-18 04:20 - 019414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-12 11:15 - 2017-09-18 04:20 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-10-12 11:15 - 2017-09-18 04:19 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-10-12 11:15 - 2017-09-18 04:19 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2017-10-12 11:15 - 2017-09-18 04:18 - 012204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-12 11:15 - 2017-09-18 04:18 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-12 11:15 - 2017-09-18 04:18 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-12 11:15 - 2017-09-18 04:18 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-12 11:15 - 2017-09-18 04:18 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-10-12 11:15 - 2017-09-18 04:17 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-12 11:15 - 2017-09-18 04:17 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-12 11:15 - 2017-09-18 04:16 - 004743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-12 11:15 - 2017-09-18 04:16 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 003202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 001231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-12 11:15 - 2017-09-18 04:15 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-12 11:15 - 2017-09-18 04:14 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 002321408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 001518080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-12 11:15 - 2017-09-18 04:14 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-10-12 11:15 - 2017-09-18 04:14 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-12 11:15 - 2017-09-18 04:13 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-10-12 11:15 - 2017-09-18 04:13 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-10-12 11:15 - 2017-09-18 04:13 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-10-12 11:15 - 2017-09-18 04:13 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2017-10-12 11:15 - 2017-09-18 04:12 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-10-12 11:15 - 2017-09-18 04:11 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll
2017-10-12 11:15 - 2017-09-18 04:11 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll
2017-10-12 11:15 - 2017-09-18 04:11 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll
2017-10-12 11:15 - 2017-09-15 01:14 - 000119328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-10-12 11:15 - 2017-09-15 00:32 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB7.dll
2017-10-12 11:15 - 2017-09-15 00:32 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-10-12 11:15 - 2017-09-15 00:32 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-10-12 11:15 - 2017-09-15 00:31 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-12 11:15 - 2017-09-15 00:31 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-10-12 11:15 - 2017-09-15 00:29 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-10-12 11:15 - 2017-09-15 00:25 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-10-12 11:15 - 2017-09-15 00:24 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-10-12 11:15 - 2017-09-15 00:24 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2017-10-12 11:15 - 2017-09-15 00:23 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-12 11:15 - 2017-09-15 00:22 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-10-12 11:15 - 2017-09-15 00:22 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-10-12 11:15 - 2017-09-15 00:20 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-10-12 11:15 - 2017-09-15 00:19 - 001421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-10-12 11:15 - 2017-09-15 00:19 - 000928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-10-12 11:15 - 2017-09-15 00:16 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2017-10-12 11:15 - 2017-03-04 09:10 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-10-12 11:15 - 2017-03-04 08:11 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-10-12 11:15 - 2017-03-04 08:07 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-10-12 11:15 - 2016-08-06 06:16 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-10-12 11:15 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-10-12 09:14 - 2017-10-12 09:14 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-10-12 09:07 - 2017-10-12 09:07 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-10 11:42 - 2017-10-10 11:42 - 003799538 _____ C:\Users\helen\Downloads\CRISPR dropout screen identifies targets in AML - Tzelepis2016.pdf
2017-10-09 23:13 - 2017-10-09 23:30 - 264723798 _____ C:\Users\helen\Downloads\Lucifer.S03E02.HDTV.x264-LOL.mkv
2017-10-09 16:14 - 2017-10-09 16:15 - 000611748 _____ C:\WINDOWS\Minidump\100917-28500-01.dmp
2017-10-09 15:57 - 2017-10-09 16:06 - 000000000 ____D C:\Users\helen\Downloads\Desperate Housewives Season 1, 2, 3, 4, 5, 6, 7 & 8 + Extras DVDRip TSV
2017-10-09 15:52 - 2017-10-09 16:11 - 261788520 _____ C:\Users\helen\Downloads\Outlander.S03E05.WEB.H264-STRiFE.mkv
2017-10-07 14:57 - 2017-10-07 14:57 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_iMDriver_01_11_00.Wdf
2017-10-07 14:56 - 2017-09-08 03:57 - 002365296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2017-10-07 14:56 - 2017-09-08 03:57 - 000103744 _____ (Lenovo Group Limited.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2017-10-07 14:56 - 2017-09-08 03:57 - 000039744 _____ (Lenovo Group Limited) C:\WINDOWS\system32\ImController.InfInstaller.exe
2017-10-02 22:30 - 2017-10-02 22:51 - 352635410 _____ C:\Users\helen\Downloads\outlander.s03e04.web.h264-convoy.mkv.part
2017-09-29 19:59 - 2017-09-29 20:10 - 000000000 ____D C:\Users\helen\Desktop\Desperate Housewives Season 3 Complete HDTV-soagg
2017-09-29 16:59 - 2017-10-13 18:53 - 000000000 ____D C:\Program Files\rempl
2017-09-28 20:32 - 2017-09-28 20:32 - 000000562 _____ C:\Users\helen\Downloads\Story_images.txt
2017-09-27 20:25 - 2017-09-27 20:48 - 370525992 _____ C:\Users\helen\Downloads\Outlander.S03E03.WEB.XviD-AFG.avi.part
2017-09-24 16:49 - 2017-09-24 16:49 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.remember.part.1.(2006).tv.s02.e23.cze.4cd
2017-09-24 16:48 - 2017-09-24 16:49 - 000147494 _____ C:\Users\helen\Downloads\desperate.housewives.remember.part.1.(2006).tv.s02.e23.cze.4cd.zip
2017-09-24 16:44 - 2017-09-24 16:44 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.no.one.is.alone.(2006).tv.s02.e22.cze.4cd
2017-09-24 16:43 - 2017-09-24 16:43 - 000071979 _____ C:\Users\helen\Downloads\desperate.housewives.no.one.is.alone.(2006).tv.s02.e22.cze.4cd.zip
2017-09-24 16:41 - 2017-09-24 16:41 - 000058897 _____ C:\Users\helen\Downloads\desperate.housewives.i.know.things.now.(2006).tv.s02.e21.cze.3cd.zip
2017-09-24 16:41 - 2017-09-24 16:41 - 000051624 _____ C:\Users\helen\Downloads\Desperate-Housewives-S02E21(0000148955).srt
2017-09-24 16:41 - 2017-09-24 16:41 - 000051624 _____ C:\Users\helen\Downloads\Desperate.Housewives.S02E21.HDTV.XviD-LOL.srt
2017-09-24 16:41 - 2017-09-24 16:41 - 000034017 _____ C:\Users\helen\Downloads\Desperate.Housewives.S02E21.I.Know.Things.Now.DVDrip.XviD-FoV.CZ.sub
2017-09-24 16:36 - 2017-09-24 16:36 - 000082600 _____ C:\Users\helen\Downloads\desperate.housewives.it.wasnt.meant.to.happen.(2006).tv.s02.e20.cze.4cd.zip
2017-09-24 16:36 - 2017-09-24 16:36 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.it.wasnt.meant.to.happen.(2006).tv.s02.e20.cze.4cd
2017-09-24 16:32 - 2017-09-24 16:32 - 000066916 _____ C:\Users\helen\Downloads\desperate.housewives.dont.look.at.me.(2006).tv.s02.e19.cze.3cd.zip
2017-09-24 16:32 - 2017-09-24 16:32 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.dont.look.at.me.(2006).tv.s02.e19.cze.3cd
2017-09-24 16:26 - 2017-09-24 16:26 - 000109594 _____ C:\Users\helen\Downloads\desperate.housewives.everybody.says.dont.(2006).tv.s02.e18.cze.5cd.zip
2017-09-24 16:26 - 2017-09-24 16:26 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.everybody.says.dont.(2006).tv.s02.e18.cze.5cd
2017-09-24 16:20 - 2017-09-24 16:20 - 000083173 _____ C:\Users\helen\Downloads\desperate.housewives.could.i.leave.you.(2006).tv.s02.e17.cze.4cd.zip
2017-09-24 16:20 - 2017-09-24 16:20 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.could.i.leave.you.(2006).tv.s02.e17.cze.4cd
2017-09-24 16:18 - 2017-09-24 16:18 - 000091050 _____ C:\Users\helen\Downloads\desperate.housewives.there.is.no.other.way.(2006).tv.s02.e16.cze.4cd.zip
2017-09-24 16:18 - 2017-09-24 16:18 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.there.is.no.other.way.(2006).tv.s02.e16.cze.4cd
2017-09-24 16:14 - 2017-09-24 16:14 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.thank.you.so.much.(2006).tv.s02.e15.cze.4cd
2017-09-24 16:13 - 2017-09-24 16:14 - 000084748 _____ C:\Users\helen\Downloads\desperate.housewives.thank.you.so.much.(2006).tv.s02.e15.cze.4cd.zip
2017-09-24 16:04 - 2017-09-24 16:04 - 000000000 ____D C:\Users\helen\Downloads\desperate.housewives.silly.people.(2006).tv.s02.e14.cze.4cd
2017-09-24 16:03 - 2017-09-24 16:04 - 000081588 _____ C:\Users\helen\Downloads\desperate.housewives.silly.people.(2006).tv.s02.e14.cze.4cd.zip
2017-09-24 12:38 - 2017-09-24 12:38 - 000070276 _____ C:\Users\helen\Downloads\1363-seznam-neplaticu-ud.pdf
2017-09-21 23:14 - 2017-09-21 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-09-21 23:14 - 2017-09-21 23:14 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2017-09-19 20:10 - 2017-09-19 20:58 - 350009575 _____ C:\Users\helen\Downloads\Outlander.S03E02.WEB.H264-STRiFE.mkv.part

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-16 21:55 - 2016-11-19 08:15 - 000122301 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-10-16 21:55 - 2016-06-25 12:20 - 000000000 ____D C:\Users\helen\AppData\Roaming\Seznam.cz
2017-10-16 21:51 - 2017-07-26 21:03 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-16 21:51 - 2016-11-18 22:12 - 000000000 ____D C:\Users\helen\AppData\LocalLow\Mozilla
2017-10-16 21:50 - 2016-08-23 09:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-16 21:50 - 2016-06-24 17:27 - 000000000 __SHD C:\Users\helen\IntelGraphicsProfiles
2017-10-16 21:49 - 2016-08-23 10:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-16 21:48 - 2016-07-16 08:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-10-16 21:35 - 2016-08-23 09:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-16 18:14 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-15 22:17 - 2016-10-01 13:34 - 000000000 ____D C:\Program Files\trend micro
2017-10-15 12:53 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-10-15 10:54 - 2016-06-25 12:26 - 000000000 ____D C:\Users\helen\AppData\Roaming\vlc
2017-10-14 21:05 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-13 20:33 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-13 18:46 - 2016-08-23 19:40 - 002098306 _____ C:\WINDOWS\system32\perfh005.dat
2017-10-13 18:46 - 2016-08-23 19:40 - 000577228 _____ C:\WINDOWS\system32\perfc005.dat
2017-10-13 18:46 - 2016-04-27 08:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-13 18:46 - 2015-07-16 17:54 - 004666724 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-13 18:40 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-10-13 18:39 - 2016-08-23 09:48 - 000357144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-12 23:16 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-12 23:16 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-10-12 23:16 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-12 11:32 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-12 09:15 - 2017-06-10 13:51 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-10-12 09:15 - 2017-02-08 21:25 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-12 09:14 - 2017-02-08 21:25 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-10-12 09:14 - 2017-02-08 21:25 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-10-12 09:14 - 2017-02-08 21:25 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-10-12 09:14 - 2017-02-08 21:25 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-10-12 09:14 - 2016-08-10 10:11 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-10-12 09:14 - 2016-08-10 10:11 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-10-12 09:14 - 2016-08-10 10:11 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-10-12 09:14 - 2016-08-10 10:11 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-10-12 09:14 - 2016-08-10 10:11 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-10-12 09:14 - 2016-08-10 10:11 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-10-12 09:14 - 2016-08-10 10:11 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-10-12 09:14 - 2016-08-10 10:11 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-10-12 09:14 - 2016-08-10 10:09 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-12 09:10 - 2016-06-25 08:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-12 09:07 - 2016-06-25 08:21 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-10 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-10 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-10 09:26 - 2016-08-23 09:56 - 000000000 ____D C:\Users\helen
2017-10-09 16:14 - 2016-11-19 12:30 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-09 16:14 - 2016-11-18 19:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-09 16:14 - 2016-07-26 11:30 - 821424478 _____ C:\WINDOWS\MEMORY.DMP
2017-10-09 16:14 - 2016-06-24 17:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-09 16:11 - 2017-01-15 22:14 - 000000000 ____D C:\Users\helen\AppData\Roaming\qBittorrent
2017-10-05 22:21 - 2016-06-24 17:27 - 000000000 ____D C:\Users\helen\AppData\Local\Packages
2017-09-27 20:05 - 2016-07-16 13:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-27 20:03 - 2015-09-02 18:46 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-27 19:46 - 2017-03-19 19:23 - 000002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-27 19:46 - 2017-03-19 19:23 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-21 23:14 - 2017-09-03 12:40 - 000002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-09-21 23:14 - 2017-08-01 23:13 - 000000000 ____D C:\Program Files\McAfee Security Scan
2017-09-19 20:09 - 2017-07-25 19:21 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-31940000-418457942-2495688642-1001
2017-09-19 20:09 - 2016-06-24 17:31 - 000002366 _____ C:\Users\helen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-19 20:09 - 2016-06-24 17:31 - 000000000 ___RD C:\Users\helen\OneDrive

==================== Files in the root of some directories =======

2017-07-26 20:26 - 2017-07-26 20:26 - 000005937 _____ () C:\Users\helen\AppData\Local\recently-used.xbel
2016-08-23 09:52 - 2016-08-23 09:52 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-02-11 11:04 - 2017-06-04 10:22 - 000534528 _____ () C:\Users\helen\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-09 15:43

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows) (Fixed) (Total:419.45 GB) (Free:272.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.45 GB) NTFS

Available physical RAM: 1261.76 MB
Total physical RAM: 4001.92 MB
Percentage of memory in use: 68%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: 3495B3E9)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\helen\Desktop" je 19794 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Divné chování, zpomalení, divně fungující js

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-21]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
HKU\S-1-5-21-31940000-418457942-2495688642-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\helen\AppData\Local\Temp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:
C:\Users\helen\Desktop" je 19794 MB.
To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\helen novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět