VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivku 2/2

https://forum.viry.cz:443/viewtopic.php?t=153016

Stránka 1 z 1

Prosím o preventivku 1/2

Napsal: 12 říj 2017 17:20
od ras099
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2017-10-12 17:57:40
Microsoft Windows 10 Home
System drive C: has 78 GB (34%) free of 231 GB
Total RAM: 3982 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:57:44, on 12. 10. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\Program Files (x86)\eM Client\MailClient.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Program Files (x86)\eM Client\MailClient.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Xianzhi\Service\XianZhiDeviceProxy.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{77a2dced-c301-442e-bef8-8021202dffe3}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: @oem31.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem4.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @oem12.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LnvMHService (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XianzhiDeviceService - Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd - C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe

--
End of file - 11377 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k netsvcs -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4b36bb16-d77a-4e03-9f30-8acc362b5b9b -SystemEventPortName:HostProcess-4457606b-9476-4c70-b2a3-48e0779a1199 -IoCancelEventPortName:HostProcess-9bd2da78-4a72-44c9-ba27-a2f25faa2512 -NonStateChangingEventPortName:HostProcess-5e918aa7-8897-4889-a613-a2ab2f3ef4a3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b1f83af9-675c-43b3-809b-fec9dbeb5e15 -DeviceGroupId:
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e8f9b93e-c3ec-488d-9ebd-82fc5ad944db -SystemEventPortName:HostProcess-4c4136de-c54c-42cc-9ec1-0a937d1e9e4d -IoCancelEventPortName:HostProcess-d5d087a3-37b5-47e2-942f-f512d9a7de0f -NonStateChangingEventPortName:HostProcess-98f6113b-5fc7-4baa-9b0f-46cebf06a643 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:603f0700-477c-4a4b-acab-3f045aafe4aa -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
C:\WINDOWS\system32\ibmpmsvc.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservice -s netprofm
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-22a132fd-a7c9-4a39-878e-88dffb4a44bf -SystemEventPortName:HostProcess-37949adb-3c21-46d1-89d9-6d8b9b14a437 -IoCancelEventPortName:HostProcess-3036af5a-509f-40eb-ab3c-723fa5b95857 -NonStateChangingEventPortName:HostProcess-5cfd8ed4-9a62-4219-a8a4-ff2e62a2dfa3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:96135758-554e-4c32-9f1b-011e5e981160 -DeviceGroupId:
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-14f8eaad-57ef-43f2-b444-9648d345421a -SystemEventPortName:HostProcess-36f4e1bf-a445-4816-8834-35aeecebbfba -IoCancelEventPortName:HostProcess-6a58b5a8-dde7-428b-8902-a2359cd8577b -NonStateChangingEventPortName:HostProcess-0d79b958-1ce9-42b6-96df-07262ec84eb2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b4bb396f-2171-4169-b4b4-40dfd56b9cd0 -DeviceGroupId:
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e910548d-ba9f-4120-b1a1-e85acc6b7dad -SystemEventPortName:HostProcess-408d7226-a466-4a40-9cd3-717afbeb1b90 -IoCancelEventPortName:HostProcess-c4e70326-0d65-4827-8653-bd626dead5bf -NonStateChangingEventPortName:HostProcess-fa5319ec-3d7e-4815-9b70-9b4c123aa475 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bd57ad33-7f13-449b-90b8-67a27faf6570 -DeviceGroupId:

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
dashost.exe {b077cdfd-bc81-4854-8bfafd71b714a106}
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe"
"C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
C:\WINDOWS\system32\BtwRSupportService.exe

C:\WINDOWS\system32\AUDIODG.EXE 0x3b0
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV

c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
"C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe"
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000cb4
C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
c:\windows\system32\svchost.exe -k netsvcs -s wlidsvc
"C:\Program Files (x86)\BatteryCare\BatteryCare.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
igfxEM.exe
igfxHK.exe

"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Martin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x1e8,0x1ec,0x1f0,0x1e4,0x1f4,0x7ff87fc71988,0x7ff87fc71948,0x7ff87fc71958
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6736 --on-initialized-event-handle=636 --parent-handle=640 /prefetch:6
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1420,5845109646770529521,14316598202299005028,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,23,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.4358 --gpu-driver-date=12-21-2015 --service-request-channel-token=2D5A7D22E944D5A557EDF37F8FE08A52 --mojo-platform-channel-handle=1436 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,5845109646770529521,14316598202299005028,131072 --service-pipe-token=6FD347687D734EFD43AD0484C7EAF5D2 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=6FD347687D734EFD43AD0484C7EAF5D2 --renderer-client-id=4 --mojo-platform-channel-handle=3464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,5845109646770529521,14316598202299005028,131072 --service-pipe-token=3F37CAD42E38C690762326E61621A2A3 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=3F37CAD42E38C690762326E61621A2A3 --renderer-client-id=5 --mojo-platform-channel-handle=3472 /prefetch:1
"C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,5845109646770529521,14316598202299005028,131072 --service-pipe-token=E6DC8489D508E51C844C80752B7B2333 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=E6DC8489D508E51C844C80752B7B2333 --renderer-client-id=8 --mojo-platform-channel-handle=5848 /prefetch:1
"C:\Program Files (x86)\eM Client\MailClient.exe"
-name 3ae7c4db-93b6-42d8-81f3-6cd8ca03fc51 -runas -pluginName LenovoAudioPlugin -pluginVersion 1.2.189.0
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\eM Client\MailClient.exe" --type=renderer --no-sandbox --disable-databases --lang=en-US --lang=en-US --log-file="C:\Users\Martin\AppData\Roaming\eM Client\Logs\cef.log" --log-severity=error --uncaught-exception-stack-size=8 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="8672.0.1804867183\779344784" /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
"C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe"
c:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,5845109646770529521,14316598202299005028,131072 --service-pipe-token=5053CFA4BC728FF7AEC259E6A5D6F600 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=5053CFA4BC728FF7AEC259E6A5D6F600 --renderer-client-id=11 --mojo-platform-channel-handle=3628 /prefetch:1
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe"
"C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe"
"C:\Program Files (x86)\Xianzhi\Service\XianZhiDeviceProxy.exe" -first
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 692 696 704 8192 700
"C:\Users\Martin\AppData\Local\Apps\2.0\LMMWYGP1.R6T\JNHGCGXC.ZBK\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Users\Martin\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\SlimCleaner Plus (Scheduled Scan - Martin).job - C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe /doScheduledScan

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\xn9lknim.default-1448133334052

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll


C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\xn9lknim.default-1448133334052\extensions\
abs@avira.com

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-12-04 16408320]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-12-04 1407104]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-07-20 373760]
"LnvMobHotspotClient"=C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2014-08-12 937968]
"LenovoUtility"=C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [2017-07-27 911272]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-01-01 3952800]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2016-01-01 561672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAPower"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-10-12 17:57:40 ----D---- C:\rsit
2017-10-09 18:16:27 ----D---- C:\ProgramData\Microsoft OneDrive
2017-10-09 04:40:12 ----SHD---- C:\Recovery
2017-10-09 04:36:21 ----D---- C:\Windows.old
2017-10-09 04:31:37 ----A---- C:\WINDOWS\SYSWOW64\IpNatHlpClient.dll
2017-10-09 04:31:37 ----A---- C:\WINDOWS\SYSWOW64\CredentialUIBroker.exe
2017-10-09 04:31:35 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2017-10-09 04:31:29 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\VCardParser.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-10-09 04:31:28 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2017-10-09 04:31:27 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\qasf.dll
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\ntprint.exe
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\dinput8.dll
2017-10-09 04:31:26 ----A---- C:\WINDOWS\SYSWOW64\dinput.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2017-10-09 04:31:25 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\system32\msvproc.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\system32\mfps.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\system32\mfds.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-10-09 04:31:24 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-10-09 04:31:23 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-10-09 04:31:23 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2017-10-09 04:31:23 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-10-09 04:31:23 ----A---- C:\WINDOWS\system32\inetpp.dll
2017-10-09 04:31:11 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-10-09 04:31:11 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-10-09 04:31:11 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2017-10-09 04:31:11 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-10-09 04:31:11 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-10-09 04:31:11 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-10-09 04:31:10 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-10-09 04:31:10 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-10-09 04:31:10 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2017-10-09 04:31:10 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-10-09 04:31:06 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-10-09 04:31:06 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2017-10-09 04:31:06 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-10-09 04:31:06 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-10-09 04:31:06 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-10-09 04:31:06 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-10-09 04:31:05 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-10-09 04:31:05 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-10-09 04:31:05 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-10-09 04:31:05 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-10-09 04:31:05 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-10-09 04:31:05 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-10-09 04:31:04 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-10-09 04:31:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-10-09 04:31:03 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-10-09 04:31:02 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2017-10-09 04:31:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-10-09 04:31:01 ----A---- C:\WINDOWS\system32\dab.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\shsvcs.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\shlwapi.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\shdocvw.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\scksp.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\RstrtMgr.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\rasplap.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\fdeploy.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\basecsp.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2017-10-09 04:31:00 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\werui.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-10-09 04:31:00 ----A---- C:\WINDOWS\system32\dwmredir.dll
2017-10-09 04:30:59 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-10-09 04:30:59 ----A---- C:\WINDOWS\system32\dui70.dll
2017-10-09 04:30:58 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-09 04:30:58 ----A---- C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-10-09 04:30:58 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-10-09 04:30:58 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-10-09 04:30:58 ----A---- C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-10-09 04:30:58 ----A---- C:\WINDOWS\system32\NotificationController.dll
2017-10-09 04:30:58 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\twinui.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\shsvcs.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\shlwapi.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\shell32.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\shdocvw.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\fdeploy.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-10-09 04:30:57 ----A---- C:\WINDOWS\system32\comdlg32.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\spoolsv.exe
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\SHCore.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\ntprint.exe
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\ntprint.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\localspl.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\httpprxm.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-09 04:30:56 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2017-10-09 04:30:56 ----A---- C:\WINDOWS\explorer.exe
2017-10-09 04:30:55 ----A---- C:\WINDOWS\system32\wininet.dll
2017-10-09 04:30:55 ----A---- C:\WINDOWS\system32\PhoneService.dll
2017-10-09 04:30:55 ----A---- C:\WINDOWS\system32\IpNatHlpClient.dll
2017-10-09 04:30:55 ----A---- C:\WINDOWS\system32\efscore.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\rastls.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\rascustom.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\policymanager.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\officecsp.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\ofdeploy.exe
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\lpasvc.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-10-09 04:30:54 ----A---- C:\WINDOWS\system32\dmcsps.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\rasman.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\msIso.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\csplte.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\coredpus.dll
2017-10-09 04:30:48 ----A---- C:\WINDOWS\system32\CfgSPCellular.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\wpx.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\wevtapi.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\untfs.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\srpapi.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\OpcServices.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\nltest.exe
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\configmanager2.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\bcdboot.exe
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\autochk.exe
2017-10-09 04:30:47 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\rastlsext.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\rasplap.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\rasgcw.dll

Prosím o preventivku 2/2

Napsal: 12 říj 2017 17:20
od ras099
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\rasdlg.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\qasf.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\nettrace.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\dinput8.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\dinput.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-09 04:30:46 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-09 04:30:45 ----A---- C:\WINDOWS\system32\winresume.exe
2017-10-09 04:30:45 ----A---- C:\WINDOWS\system32\winload.exe
2017-10-09 04:30:45 ----A---- C:\WINDOWS\system32\services.exe
2017-10-09 04:30:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-10-09 04:30:45 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-10-09 04:30:45 ----A---- C:\WINDOWS\system32\hal.dll
2017-10-09 04:30:45 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-10-09 04:30:45 ----A---- C:\WINDOWS\system32\bcd.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\wisp.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\spbcd.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\scksp.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\profsvcext.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\ole32.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\basecsp.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\autofmt.exe
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\autoconv.exe
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\appinfo.dll
2017-10-09 04:30:44 ----A---- C:\WINDOWS\system32\appidapi.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\setupapi.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\ReAgent.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\msacm32.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-10-09 04:30:43 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\wups.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\wer.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\VCardParser.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\ngcrecovery.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\FrameServer.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\eShims.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-10-09 04:30:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\win32u.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\win32k.sys
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\user32.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\tquery.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\tbs.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\InputService.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\datamarketsvc.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-10-09 04:30:39 ----A---- C:\WINDOWS\system32\BingMaps.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\wininit.exe
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\wc_storage.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\tokenbinding.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\sscore.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\srvsvc.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\SEMgrPS.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\propsys.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\msv1_0.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\dxgi.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\combase.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\authz.dll
2017-10-09 04:30:38 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\tokenbinding.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\msacm32.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\tdh.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\offreg.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-10-09 04:30:37 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\wisp.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\tbs.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\sscore.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msxbde40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\mswstr10.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\mswdat10.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\mstext40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msrepl40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\mspbde40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msjtes40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msjter40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msjint40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msjetoledb40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2017-10-09 04:30:36 ----A---- C:\WINDOWS\system32\BthHFSrv.dll
2017-10-09 04:18:50 ----A---- C:\WINDOWS\system32\prm0015.dll
2017-10-09 04:18:32 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2017-10-09 04:18:32 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2017-10-09 04:18:32 ----A---- C:\WINDOWS\system32\prm0009.dll
2017-10-09 04:18:32 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2017-10-09 04:18:32 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2017-10-09 04:17:41 ----D---- C:\WINDOWS\system32\Microsoft
2017-10-09 04:17:41 ----D---- C:\WINDOWS\ServiceProfiles
2017-10-09 04:15:24 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2017-10-09 04:15:23 ----D---- C:\Program Files\Reference Assemblies
2017-10-09 04:15:23 ----D---- C:\Program Files\MSBuild
2017-10-09 04:15:23 ----D---- C:\Program Files (x86)\Reference Assemblies
2017-10-09 04:15:23 ----D---- C:\Program Files (x86)\MSBuild
2017-10-09 04:14:26 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2017-10-09 04:14:25 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2017-10-09 04:14:24 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-10-09 04:14:21 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2017-10-09 04:14:21 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-10-09 04:14:21 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-10-09 04:02:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-09 03:56:04 ----ASH---- C:\hiberfil.sys
2017-10-09 03:52:33 ----D---- C:\ProgramData\USOShared
2017-10-09 03:46:35 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2017-10-09 03:45:48 ----HD---- C:\Program Files\Uninstall Information
2017-10-09 03:45:45 ----D---- C:\Program Files (x86)\USB Camera
2017-10-09 03:45:26 ----D---- C:\WINDOWS\system32\DAX2
2017-10-09 03:45:10 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2017-10-09 03:45:10 ----D---- C:\Program Files\Realtek
2017-10-09 03:45:07 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.DLL
2017-10-09 03:45:07 ----A---- C:\WINDOWS\system32\OpenCL.DLL
2017-10-09 03:45:00 ----D---- C:\Program Files\Intel
2017-10-09 03:44:40 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2017-10-09 03:44:16 ----D---- C:\Program Files\Synaptics
2017-10-09 03:43:38 ----D---- C:\Program Files (x86)\Lenovo
2017-10-09 03:43:35 ----D---- C:\Program Files\Lenovo
2017-10-09 03:43:34 ----D---- C:\ProgramData\Lenovo
2017-10-09 03:43:06 ----AS---- C:\WINDOWS\bootstat.dat
2017-10-09 03:41:45 ----D---- C:\WINDOWS\Prefetch
2017-10-09 03:41:28 ----D---- C:\WINDOWS\system32\SleepStudy
2017-10-09 03:41:21 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-08 23:01:55 ----AD---- C:\Program Files\rempl
2017-10-08 22:21:15 ----DC---- C:\WINDOWS\Panther
2017-10-08 21:17:01 ----A---- C:\WINDOWS\system32\iMDriverHelper.dll
2017-10-08 21:17:01 ----A---- C:\WINDOWS\system32\ImController.InfInstaller.exe
2017-10-08 21:17:01 ----A---- C:\WINDOWS\system32\ImController.CoInstaller.dll
2017-09-26 18:09:32 ----D---- C:\Users\Martin\AppData\Roaming\F5 Networks
2017-09-26 18:09:23 ----A---- C:\WINDOWS\f5unistall.INI
2017-09-26 18:09:08 ----D---- C:\ProgramData\F5 Networks

======List of files/folders modified in the last 1 month======

2017-10-12 17:57:42 ----D---- C:\Program Files\trend micro
2017-10-12 17:57:34 ----D---- C:\WINDOWS\Temp
2017-10-12 17:57:08 ----D---- C:\WINDOWS\system32\Tasks
2017-10-12 17:55:19 ----D---- C:\Users\Martin\AppData\Roaming\eM Client
2017-10-12 17:51:59 ----D---- C:\WINDOWS\system32\sru
2017-10-12 17:50:47 ----AD---- C:\Program Files (x86)\BatteryCare
2017-10-11 18:00:43 ----RD---- C:\WINDOWS\Microsoft.NET
2017-10-11 17:59:35 ----RSD---- C:\WINDOWS\assembly
2017-10-11 17:17:30 ----D---- C:\Users\Martin\AppData\Roaming\BatteryCare
2017-10-10 20:00:43 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2017-10-10 18:00:32 ----SHD---- C:\System Volume Information
2017-10-10 16:54:20 ----RD---- C:\Program Files (x86)
2017-10-10 16:53:07 ----SHD---- C:\WINDOWS\Installer
2017-10-10 16:52:57 ----RD---- C:\Program Files (x86)\Skype
2017-10-10 16:52:57 ----D---- C:\Program Files (x86)\Common Files
2017-10-10 16:52:53 ----D---- C:\ProgramData\Skype
2017-10-10 16:37:46 ----D---- C:\WINDOWS\System32
2017-10-10 16:35:29 ----D---- C:\WINDOWS\system32\WDI
2017-10-10 16:30:20 ----D---- C:\WINDOWS\system32\catroot2
2017-10-09 19:54:15 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2017-10-09 19:09:08 ----D---- C:\WINDOWS\AppReadiness
2017-10-09 19:09:07 ----HD---- C:\Program Files\WindowsApps
2017-10-09 18:47:31 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-10-09 18:31:03 ----D---- C:\WINDOWS\INF
2017-10-09 18:20:33 ----D---- C:\WINDOWS\system32\NDF
2017-10-09 18:19:24 ----SD---- C:\WINDOWS\Downloaded Program Files
2017-10-09 18:19:17 ----D---- C:\WINDOWS\system32\drivers
2017-10-09 18:19:14 ----D---- C:\WINDOWS\SYSWOW64\drivers
2017-10-09 18:19:14 ----D---- C:\WINDOWS\SysWOW64
2017-10-09 18:18:28 ----D---- C:\WINDOWS\system32\restore
2017-10-09 18:16:27 ----HD---- C:\ProgramData
2017-10-09 18:06:31 ----D---- C:\WINDOWS\Logs
2017-10-09 18:06:07 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-10-09 04:34:05 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-10-09 04:34:05 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2017-10-09 04:34:05 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-10-09 04:34:04 ----SD---- C:\WINDOWS\system32\F12
2017-10-09 04:34:04 ----D---- C:\WINDOWS\system32\WinMetadata
2017-10-09 04:34:04 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-10-09 04:34:04 ----D---- C:\WINDOWS\system32\setup
2017-10-09 04:34:04 ----D---- C:\WINDOWS\system32\cs
2017-10-09 04:34:04 ----D---- C:\WINDOWS\ShellExperiences
2017-10-09 04:34:02 ----D---- C:\WINDOWS\AppPatch
2017-10-09 04:34:02 ----D---- C:\Program Files\Internet Explorer
2017-10-09 04:34:02 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-09 04:18:57 ----D---- C:\WINDOWS\OCR
2017-10-09 04:13:08 ----D---- C:\Program Files\Windows NT
2017-10-09 04:12:30 ----D---- C:\WINDOWS\Registration
2017-10-09 04:12:23 ----D---- C:\WINDOWS\system32\WinBioDatabase
2017-10-09 04:12:12 ----D---- C:\WINDOWS\debug
2017-10-09 04:12:07 ----D---- C:\WINDOWS\SoftwareDistribution
2017-10-09 04:12:00 ----D---- C:\WINDOWS\rescache
2017-10-09 04:10:16 ----D---- C:\Windows
2017-10-09 04:09:17 ----RSD---- C:\WINDOWS\Fonts
2017-10-09 04:09:17 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2017-10-09 04:09:16 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-10-09 04:09:16 ----D---- C:\WINDOWS\system32\wbem
2017-10-09 04:04:23 ----D---- C:\WINDOWS\HoloShell
2017-10-09 04:04:12 ----D---- C:\WINDOWS\system32\LogFiles
2017-10-09 04:03:44 ----D---- C:\WINDOWS\Tasks
2017-10-09 04:03:31 ----SD---- C:\ProgramData\Microsoft
2017-10-09 04:02:49 ----RSD---- C:\WINDOWS\Media
2017-10-09 04:02:37 ----D---- C:\WINDOWS\system32\drivers\etc
2017-10-09 04:02:19 ----D---- C:\WINDOWS\system32\config
2017-10-09 03:58:37 ----D---- C:\WINDOWS\system32\DriverStore
2017-10-09 03:55:32 ----D---- C:\WINDOWS\system32\CatRoot
2017-10-09 03:55:20 ----D---- C:\WINDOWS\system32\UNP
2017-10-09 03:55:19 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-10-09 03:55:10 ----D---- C:\WINDOWS\WinSxS
2017-10-09 03:52:36 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-10-09 03:52:33 ----D---- C:\ProgramData\USOPrivate
2017-10-09 03:52:17 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2017-10-09 03:52:17 ----D---- C:\WINDOWS\SYSWOW64\zh-HK
2017-10-09 03:52:17 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2017-10-09 03:52:17 ----D---- C:\WINDOWS\SYSWOW64\winrm
2017-10-09 03:52:15 ----D---- C:\WINDOWS\SYSWOW64\WCN
2017-10-09 03:52:15 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2017-10-09 03:52:15 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2017-10-09 03:52:15 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2017-10-09 03:52:15 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2017-10-09 03:52:15 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\slmgr
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\Samsung_USB_Drivers
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\Printing_Admin_Scripts
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\oobe
2017-10-09 03:52:14 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\MUI
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\migration
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\Lenovo
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2017-10-09 03:52:13 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2017-10-09 03:52:12 ----D---- C:\WINDOWS\SYSWOW64\IME
2017-10-09 03:52:12 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2017-10-09 03:52:12 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2017-10-09 03:52:12 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2017-10-09 03:52:12 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2017-10-09 03:52:12 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2017-10-09 03:52:12 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2017-10-09 03:52:12 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2017-10-09 03:52:11 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-10-09 03:52:11 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2017-10-09 03:52:11 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2017-10-09 03:52:11 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2017-10-09 03:52:11 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-10-09 03:52:11 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2017-10-09 03:52:11 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2017-10-09 03:52:11 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-10-09 03:52:10 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2017-10-09 03:52:10 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2017-10-09 03:52:10 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2017-10-09 03:52:04 ----D---- C:\WINDOWS\system32\zh-TW
2017-10-09 03:52:04 ----D---- C:\WINDOWS\system32\zh-HK
2017-10-09 03:52:04 ----D---- C:\WINDOWS\system32\zh-CN
2017-10-09 03:52:04 ----D---- C:\WINDOWS\system32\winrm
2017-10-09 03:52:02 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-10-09 03:52:02 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-10-09 03:52:02 ----D---- C:\WINDOWS\system32\WCN
2017-10-09 03:52:01 ----D---- C:\WINDOWS\system32\uk-UA
2017-10-09 03:52:01 ----D---- C:\WINDOWS\system32\tr-TR
2017-10-09 03:52:01 ----D---- C:\WINDOWS\system32\th-TH
2017-10-09 03:52:01 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2017-10-09 03:52:01 ----D---- C:\WINDOWS\system32\sv-SE
2017-10-09 03:52:01 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2017-10-09 03:52:01 ----D---- C:\WINDOWS\system32\spool
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\sl-SI
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\slmgr
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\sk-SK
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\ru-RU
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\ro-RO
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\pt-PT
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\pt-BR
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\Printing_Admin_Scripts
2017-10-09 03:51:59 ----D---- C:\WINDOWS\system32\pl-PL
2017-10-09 03:51:58 ----D---- C:\WINDOWS\system32\oobe
2017-10-09 03:51:58 ----D---- C:\WINDOWS\system32\nl-NL
2017-10-09 03:51:58 ----D---- C:\WINDOWS\system32\nb-NO
2017-10-09 03:51:58 ----D---- C:\WINDOWS\system32\MUI
2017-10-09 03:51:58 ----D---- C:\WINDOWS\system32\migration
2017-10-09 03:51:58 ----D---- C:\WINDOWS\system32\lv-LV
2017-10-09 03:51:58 ----D---- C:\WINDOWS\system32\lt-LT
2017-10-09 03:51:58 ----D---- C:\WINDOWS\system32\Lenovo
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\ko-KR
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\ja-jp
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\it-IT
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\InputMethod
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\IME
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\hu-HU
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\hr-HR
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\he-IL
2017-10-09 03:51:57 ----D---- C:\WINDOWS\system32\fr-FR
2017-10-09 03:51:56 ----D---- C:\WINDOWS\system32\fi-FI
2017-10-09 03:51:56 ----D---- C:\WINDOWS\system32\et-EE
2017-10-09 03:51:56 ----D---- C:\WINDOWS\system32\es-ES
2017-10-09 03:51:56 ----D---- C:\WINDOWS\system32\en-US
2017-10-09 03:51:56 ----D---- C:\WINDOWS\system32\en-GB
2017-10-09 03:51:55 ----D---- C:\WINDOWS\system32\el-GR
2017-10-09 03:51:55 ----D---- C:\WINDOWS\system32\DRVSTORE
2017-10-09 03:51:54 ----D---- C:\WINDOWS\system32\Dism
2017-10-09 03:51:54 ----D---- C:\WINDOWS\system32\de-DE
2017-10-09 03:51:54 ----D---- C:\WINDOWS\system32\da-DK
2017-10-09 03:51:54 ----D---- C:\WINDOWS\system32\cs-CZ
2017-10-09 03:51:25 ----D---- C:\WINDOWS\system32\CodeIntegrity
2017-10-09 03:50:19 ----D---- C:\WINDOWS\system32\Boot
2017-10-09 03:50:19 ----D---- C:\WINDOWS\system32\bg-BG
2017-10-09 03:50:19 ----D---- C:\WINDOWS\system32\BestPractices
2017-10-09 03:50:19 ----D---- C:\WINDOWS\system32\ar-SA
2017-10-09 03:50:12 ----D---- C:\WINDOWS\PolicyDefinitions
2017-10-09 03:50:10 ----D---- C:\WINDOWS\LiveKernelReports
2017-10-09 03:49:57 ----D---- C:\WINDOWS\InputMethod
2017-10-09 03:49:54 ----D---- C:\WINDOWS\IME
2017-10-09 03:49:54 ----D---- C:\WINDOWS\Help
2017-10-09 03:49:50 ----RD---- C:\Users
2017-10-09 03:49:35 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-10-09 03:49:35 ----D---- C:\Program Files (x86)\Windows Media Player
2017-10-09 03:49:35 ----D---- C:\Program Files (x86)\Windows Mail
2017-10-09 03:49:28 ----RD---- C:\Program Files
2017-10-09 03:49:26 ----D---- C:\Program Files\Windows Photo Viewer
2017-10-09 03:49:26 ----D---- C:\Program Files\Windows Media Player
2017-10-09 03:49:26 ----D---- C:\Program Files\Windows Mail
2017-10-09 03:49:24 ----D---- C:\Program Files\Common Files\System
2017-10-09 03:49:24 ----D---- C:\Program Files\Common Files\microsoft shared
2017-10-09 03:49:24 ----D---- C:\Program Files\Common Files
2017-10-09 03:48:54 ----D---- C:\WINDOWS\system32\Recovery
2017-10-09 03:45:50 ----D---- C:\WINDOWS\system32\Sysprep
2017-10-09 03:45:45 ----D---- C:\WINDOWS\twain_32
2017-10-09 03:45:45 ----D---- C:\WINDOWS\System
2017-10-09 02:54:35 ----HD---- C:\$WINDOWS.~BT
2017-10-09 02:02:20 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2017-10-09 02:02:14 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-10-08 22:43:55 ----D---- C:\WINDOWS\system32\MRT
2017-10-08 22:25:03 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-09-13 21:02:03 ----D---- C:\Program Files (x86)\Avira
2017-09-13 21:01:59 ----D---- C:\ProgramData\Avira

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avdevprot;avdevprot; C:\WINDOWS\system32\DRIVERS\avdevprot.sys [2017-08-17 60920]
R0 avusbflt;avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [2017-08-17 38048]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-11-19 652344]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2017-08-17 167464]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2017-08-17 44488]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-03-12 27552]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2017-10-10 176224]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2017-08-17 88488]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 AmUStor;@oem21.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-07-20 100992]
R3 bcbtums;@oem31.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2016-01-01 173312]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2017-03-18 7585280]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2016-01-01 72400]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-04 3811288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-12-04 4694784]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem27.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 LnvHIDHW;@oem42.inf,%LnvHIDHW%;Lenovo HID Mini-driver for Hardware Radio Switch; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [2014-04-07 29496]
R3 MEIx64;@oem17.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-03-12 64624]
R3 rt640x64;@oem38.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2016-01-01 44192]
R3 SynTP;@oem41.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2016-01-01 630944]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2014-09-05 44640]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2017-10-09 982016]
S3 btwampfl;@oem31.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2016-01-01 188160]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-10-09 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 Fastboot;Fastboot; C:\WINDOWS\System32\DRIVERS\fastboot.sys [2014-02-23 66288]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 50160]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-10-10 490968]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-10-10 490968]
R2 AVControlCenter;AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2015-01-21 560584]
R2 BcmBtRSupport;@oem31.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2016-01-01 2251992]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_3feb0;Uživatelská služba platformy připojených zařízení_3feb0; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 FastbootService;FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2014-02-23 140016]
R2 IBMPMSVC;@oem4.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2016-01-01 131312]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-04 337888]
R2 ImControllerService;@oem12.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08 68416]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-03-12 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 Lenovo Settings Service;Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2015-01-23 2016472]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-11 136288]
R2 LnvHotSpotSvc;LnvMHService; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [2014-08-12 474608]
R2 LocationTaskManager;LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [2015-01-09 469720]
R2 OneSyncSvc_3feb0;Hostitel synchronizace_3feb0; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-11 336320]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-01-01 247968]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_3feb0;Data kontaktů_3feb0; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2017-08-16 23928]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-10-10 1128432]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-10-10 1525240]
S2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-08-30 402768]
S2 AviraUpdaterService;Avira Updater Service; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2017-08-31 102304]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20 144200]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-04 299488]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_3feb0;Tok zařízení_3feb0; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2015-01-21 626120]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-06-02 273232]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_3feb0;Služba zasílání zpráv_3feb0; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-06 146888]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Power Manager DBC Service;Lenovo Settings Power Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2015-01-16 1668848]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller; C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2015-01-21 456136]
S4 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2015-01-21 453576]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

Re: Prosím o preventivku 2/2

Napsal: 13 říj 2017 17:11
od Rudy
Zdravím!
Proč rozdělujete příspěvek do dvou vláken? Myslíte si, že to budu řešit nadvakrát? Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím o preventivku 2/2

Napsal: 13 říj 2017 22:33
od ras099
# AdwCleaner v5.037 - Logfile created 01/03/2016 at 06:44:22
# Updated 28/02/2016 by Xplode
# Database : 2016-02-28.2 [Local]
# Operating system : Windows 10 Home (x64)
# Username : Martin - MARTINRASZKA
# Running from : C:\Users\Martin\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\slimcleaner plus
[-] Folder Deleted : C:\Program Files\slimservice
[-] Folder Deleted : C:\ProgramData\slimware utilities inc
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\slimcleaner plus
[-] Folder Deleted : C:\Users\Martin\AppData\Local\slimware utilities inc
[-] Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall

***** [ Files ] *****

[-] File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage
[-] File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\dobreprogramy
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[-] Key Deleted : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : [x64] HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.

***** [ Web browsers ] *****

[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chphlpgkkbolifaimnlloiipkdnihall

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1970 bytes] - [01/03/2016 06:44:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [1947 bytes] - [01/03/2016 06:42:37]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2116 bytes] ##########

Re: Prosím o preventivku 2/2

Napsal: 14 říj 2017 17:39
od Rudy
OK. Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .

Re: Prosím o preventivku 2/2

Napsal: 14 říj 2017 19:11
od ras099
Posílám v příloze. Nevešlo se mi to do jedné zprávy :(

Re: Prosím o preventivku 2/2

Napsal: 14 říj 2017 20:17
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> DefaultScope {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o preventivku 2/2

Napsal: 14 říj 2017 20:49
od ras099
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-10-2017
Ran by Martin (14-10-2017 21:43:13) Run:3
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> DefaultScope {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
SearchScopes: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001 -> {4726F2FD-48EF-44CA-9501-F2771B5F9B81} URL =
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4726F2FD-48EF-44CA-9501-F2771B5F9B81} => key not found.
HKLM\Software\Classes\CLSID\{4726F2FD-48EF-44CA-9501-F2771B5F9B81} => key not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.
"C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat" => not found.
"C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found.
"C:\ProgramData\DP45977C.lfl" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3216306 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 12067686 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1646 B
NetworkService => 0 B
Martin => 19906 B

RecycleBin => 0 B
EmptyTemp: => 20.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:43:19 ====

Re: Prosím o preventivku 2/2

Napsal: 14 říj 2017 21:08
od Rudy
Smazáno. Log by již měl být OK.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz