Blokování portů od poskytovatele.

[_Antti_]

Dobrý den, chtěl bych vás poprosit, zda by nebylo možné mi zkontrolovat, zda na PC neběží něco nechtěného. Od poskytovatele mám blokované všechny porty kromě 80 a 443 a toto opratření většinou dělá, když na pc běží malware. Dovolat se jim v tuto dobu bylo nemožné a když to bude opravdu malwarem, tak by neuškodilo být o krok napřed.

Log bude ve více příspěvcích z důvodu znakového omezení.

Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jan at 2017-12-26 12:59:49
Microsoft Windows 10 Pro
System drive C: has 65 GB (28%) free of 228 GB
Total RAM: 16327 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:59:51, on 26.12.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0098)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
C:\Windows\SysWOW64\muachost.exe
C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
C:\Windows\SysWOW64\muachost.exe
C:\Windows\SysWOW64\muachost.exe
C:\Windows\SysWOW64\muachost.exe
C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\Jan\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Program Files\trend micro\Jan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [ROCCAT Savu Gaming Mouse] "C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" /Automation
O4 - HKLM\..\Run: [Corsair Utility Engine] "C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe" --autorun
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [BloodyToneMaker] "C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Windows\SysWOW64\muachost.exe /RestartByRestartManager:0DCE1A0B-AED2-40cf-8575-44AB2B06D04A /RestartByRestartManager:91A2A5B8-3537-4fae-A33E-02AAC1F6ACF1 /RestartByRestartManager:7D7EF230-4289-4335-B7CF-F84F4F590B01 /RestartByRestartManager:1545BC3B-EB2D-44e4-A165-1AF009A32A33
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{063d6996-761e-45c8-a6ed-5cab133ec3b5}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{063d6996-761e-45c8-a6ed-5cab133ec3b5}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: acCAMService - Unknown owner - C:\Program Files (x86)\NZXT\CAM\Service\CAMService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\2.00.09\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
O23 - Service: Bitdefender RedLine Service (bdredline) - Bitdefender - C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
O23 - Service: GamingHotkey_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Služba Kaspersky Secure Connection 1.0.0 (KSDE1.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Bitdefender Product Agent Service (ProductAgentService) - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
O23 - Service: Bitdefender Protected Service (vsservp) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 14908 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
"C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe" /service
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s UmRdpService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s SessionEnv
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe"
"C:\Program Files (x86)\NZXT\CAM\Service\CAMService.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\ASUS\AXSP\2.00.09\atkexComSvc.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
"C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe"
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
"C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe"
"C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservice -s W32Time
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
"C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe" /service


c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
dashost.exe {fb4f99ae-d0c3-4d44-976708fd6a8b94c8}
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\WINDOWS\system32\AUDIODG.EXE 0x7c4
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe"
"C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe" --normal
C:\Windows\SysWOW64\muachost.exe
"C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe"
"C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe" --start
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe"
"C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"ctfmon.exe"
/QuitInfo:00000000000002E8;00000000000002D4;
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
/loadhooks /Parent:000000000000251c
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe" -hidden
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
"C:\Windows\SysWOW64\muachost.exe" /RestartByRestartManager:BFA736F3-F7B5-42e0-AC84-30C8CEB4D41E /RestartByRestartManager:4FA98188-1146-4d8d-AC5D-7FC5379AE629
"C:\Windows\SysWOW64\muachost.exe" /RestartByRestartManager:7E3F7D97-DE22-49e9-882D-89B9F32DEAFA /RestartByRestartManager:D3C1F658-A395-44be-B0AE-EDA2A5DA5B61 /RestartByRestartManager:F0DC7352-DD13-4ec1-9795-6163BD546FCB
"C:\Windows\SysWOW64\muachost.exe" /RestartByRestartManager:7B3B91C3-2803-44b9-AB9C-98AFDCD1018E
"C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe" --autorun
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe" Release
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe" -sync_complete
"C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe"
"C:\Users\Jan\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe" --type=gpu-process --channel="17336.0.58902900\1079504707" --no-sandbox --lang=en-US --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x1b06 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8871 --lang=en-US /prefetch:822062411
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe "
"C:\Program Files\Bitdefender\Bitdefender Security\OBKAgent.exe" 9220
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe"
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.12111.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Jan\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Jan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.108 --initial-client-data=0x1d4,0x1d8,0x1dc,0x1d0,0x1e0,0x7ffa01275720,0x7ffa01275760,0x7ffa01275738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=16600 --on-initialized-event-handle=644 --parent-handle=648 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2300,5191664209740900329,12815226189447933071,131072 --service-pipe-token=A38907E8D8BCA83322E34B38FB253D4D --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=A38907E8D8BCA83322E34B38FB253D4D --renderer-client-id=3 --mojo-platform-channel-handle=3248 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=2300,5191664209740900329,12815226189447933071,131072 --use-gl=swiftshader-webgl --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x1b06 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=7C98A98AC5ACC468276C6AEB787829CB --mojo-platform-channel-handle=4456 --ignored=" --type=renderer " /prefetch:2
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s NetSetupSvc
C:\WINDOWS\System32\svchost.exe -k smphost
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2300,5191664209740900329,12815226189447933071,131072 --service-pipe-token=D45541EEE1F4EF65C295EB43C362CCD5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=D45541EEE1F4EF65C295EB43C362CCD5 --renderer-client-id=10 --mojo-platform-channel-handle=3144 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost

C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2300,5191664209740900329,12815226189447933071,131072 --service-pipe-token=496DA2EB4B0C088A9E4D42B755E76409 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=496DA2EB4B0C088A9E4D42B755E76409 --renderer-client-id=12 --mojo-platform-channel-handle=5376 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2300,5191664209740900329,12815226189447933071,131072 --service-pipe-token=8FDE3C9DBB67461F9FBA2CA1148FD622 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=8FDE3C9DBB67461F9FBA2CA1148FD622 --renderer-client-id=15 --mojo-platform-channel-handle=4704 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2300,5191664209740900329,12815226189447933071,131072 --service-pipe-token=839E6EBC9FBCDEC69B7E50A45DD475D5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=839E6EBC9FBCDEC69B7E50A45DD475D5 --renderer-client-id=18 --mojo-platform-channel-handle=6664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2300,5191664209740900329,12815226189447933071,131072 --service-pipe-token=C6C17827763BC5DF61D1536DCDCB7BBB --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=C6C17827763BC5DF61D1536DCDCB7BBB --renderer-client-id=25 --mojo-platform-channel-handle=1256 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2300,5191664209740900329,12815226189447933071,131072 --service-pipe-token=3BB33DD05D363848B27B038CA54A87EE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --service-request-channel-token=3BB33DD05D363848B27B038CA54A87EE --renderer-client-id=28 --mojo-platform-channel-handle=6256 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"D:\Downloads NEW\RSITx64 (2).exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser

======Scheduled tasks folder======

C:\WINDOWS\tasks\MSISW_Host.job - C:\WINDOWS\SysWOW64\muachost.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\5qmcww5u.default

"bdwtwe@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender Security\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-12-15 534720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-12-18 206000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-12-15 469760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-12-15 534720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-12-15 469760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-09-23 8903176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-11-07 1685704]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-09-20 9856176]
"BloodyToneMaker"=C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [2017-10-16 8555008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Windows\SysWOW64\muachost.exe [2015-08-18 1692840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ROCCAT Savu Gaming Mouse"=C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [2012-09-10 872048]
"Corsair Utility Engine"=C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [2017-09-15 20233936]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2017-08-30 596664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=20

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.FPS1"=frapsv64.dll
"VIDC.RTV1"=rtvcvfw64.dll
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-12-21 21:36:24 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2017-12-21 21:36:20 ----D---- C:\Program Files (x86)\VulkanRT
2017-12-21 21:36:20 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2017-12-21 21:36:20 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2017-12-21 21:36:20 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2017-12-21 21:36:20 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2017-12-21 21:36:15 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2017-12-21 21:36:15 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2017-12-21 21:36:15 ----A---- C:\WINDOWS\system32\nvshext.dll
2017-12-21 21:36:15 ----A---- C:\WINDOWS\system32\nvmctray.dll
2017-12-21 21:36:15 ----A---- C:\WINDOWS\system32\nvcpl.dll
2017-12-21 21:36:15 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2017-12-21 21:36:15 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2017-12-21 21:36:07 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2017-12-21 21:34:39 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2017-12-21 21:34:38 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2017-12-21 21:34:38 ----A---- C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-12-21 21:34:38 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
2017-12-21 21:34:36 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2017-12-21 21:34:36 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2017-12-21 21:34:36 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-12-21 21:34:36 ----A---- C:\WINDOWS\system32\nvopencl.dll
2017-12-21 21:34:36 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2017-12-21 21:34:35 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2017-12-21 21:34:35 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFThevc.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\SYSWOW64\nvEncMFTH264.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\system32\nvEncMFThevc.dll
2017-12-21 21:34:34 ----A---- C:\WINDOWS\system32\nvEncMFTH264.dll
2017-12-21 21:34:33 ----A---- C:\WINDOWS\SYSWOW64\nvDecMFTMjpeg.dll
2017-12-21 21:34:33 ----A---- C:\WINDOWS\system32\nvdispgenco6438871.dll
2017-12-21 21:34:33 ----A---- C:\WINDOWS\system32\nvdispco6438871.dll
2017-12-21 21:34:33 ----A---- C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-12-21 21:34:32 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2017-12-21 21:34:32 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2017-12-21 21:34:32 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2017-12-21 21:34:32 ----A---- C:\WINDOWS\system32\nvcuda.dll
2017-12-21 21:34:31 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2017-12-21 21:34:30 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2017-12-21 21:34:30 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2017-12-21 21:34:30 ----A---- C:\WINDOWS\system32\nvapi64.dll
2017-12-18 23:06:10 ----SHD---- C:\Config.Msi
2017-12-17 14:25:36 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2017-12-17 13:22:48 ----D---- C:\ProgramData\MB3CoreBackup
2017-12-12 19:47:45 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-12-12 19:47:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-12-12 19:47:45 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-12-12 19:47:45 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-12-12 19:47:45 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-12-12 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-12-12 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\AudioSes.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-12 19:47:44 ----A---- C:\WINDOWS\system32\audiodg.exe
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\jscript.dll
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-12-12 19:47:43 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\wininet.dll
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\mispace.dll
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\dwmcore.dll
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\audiosrv.dll
2017-12-12 19:47:42 ----A---- C:\WINDOWS\system32\AcGenral.dll
2017-12-12 19:47:41 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-12-12 19:47:41 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-12-12 19:47:41 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Perception.Stub.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\ISM.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-12 19:47:40 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-12 19:47:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-12 19:47:39 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-12 19:47:39 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2017-12-12 19:47:38 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2017-12-12 19:47:38 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-12-12 19:47:38 ----A---- C:\WINDOWS\system32\AudioEng.dll
2017-12-12 19:47:37 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2017-12-12 19:47:37 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2017-12-12 19:47:37 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2017-12-12 19:47:37 ----A---- C:\WINDOWS\system32\sspicli.dll
2017-12-12 19:47:37 ----A---- C:\WINDOWS\system32\shell32.dll
2017-12-12 19:47:37 ----A---- C:\WINDOWS\system32\AcLayers.dll
2017-12-12 19:47:36 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-12-12 19:47:36 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-12 19:47:36 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-12-12 19:47:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-12-12 19:47:35 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-12-12 19:47:35 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2017-12-12 19:47:35 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-12-12 19:47:35 ----A---- C:\WINDOWS\system32\user32.dll
2017-12-12 19:47:35 ----A---- C:\WINDOWS\system32\twinui.dll
2017-12-12 19:47:34 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-12-12 19:47:34 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-12-12 19:47:34 ----A---- C:\WINDOWS\system32\vac.exe
2017-12-12 19:47:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-12-12 19:47:34 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-12-12 19:47:34 ----A---- C:\WINDOWS\system32\ci.dll
2017-12-12 19:47:34 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-12-12 19:47:33 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\system32\d3d11.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-12 19:47:33 ----A---- C:\WINDOWS\explorer.exe
2017-12-12 19:47:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-12-12 19:47:32 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\usocore.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\t2embed.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\SRH.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\sppwinob.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\msxml6.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\InstallService.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2017-12-12 19:47:32 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\winmde.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\pnidui.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\mfsvr.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\mfplat.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\dxgi.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\d3d9on12.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\d3d9.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-12-12 19:47:31 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\KeyboardFilterShim.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\gamingtcui.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\WwaApi.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\wow64.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\winresume.exe
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\winload.exe
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\usercpl.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\smartscreenps.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\services.exe
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\samsrv.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\msvproc.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\gamingtcui.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\ExecModelClient.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\evr.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\edgeIso.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\DictationManager.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\comdlg32.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\bisrv.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\AppVClient.exe
2017-12-12 19:47:30 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\wscript.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\SpatializerApo.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\smartscreenps.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\slcext.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\scrobj.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\msvcrt.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\ExecModelClient.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\DictationManager.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\d3d9on12.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\cscript.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\SYSWOW64\acppage.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\wscript.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\wimserv.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\wimgapi.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\usoapi.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\umpo.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\sppsvc.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\sppcext.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\SpatializerApo.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\slcext.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\schedsvc.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\scrobj.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\reseteng.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\PushToInstall.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\provtool.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\provhandlers.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\provengine.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\msvcrt.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\msIso.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\LogonController.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\itss.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\hascsp.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\hal.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\FSClient.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\drivers\bam.sys
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\cscript.exe
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\bcrypt.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\apphelp.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\acppage.dll
2017-12-12 19:47:29 ----A---- C:\WINDOWS\system32\aadjcsp.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\SYSWOW64\batmeter.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\system32\tzres.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\system32\storagewmi.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\system32\batmeter.dll
2017-12-12 19:47:28 ----A---- C:\WINDOWS\system32\actxprxy.dll
2017-12-10 15:51:14 ----D---- C:\Users\Jan\AppData\Roaming\JetBrains
2017-12-09 21:55:04 ----D---- C:\ProgramData\POLYCODE
2017-12-09 12:40:18 ----D---- C:\ProgramData\Oracle
2017-12-08 22:02:02 ----D---- C:\Fortnite
2017-12-03 23:44:08 ----A---- C:\WINDOWS\system32\vcruntime140.dll
2017-12-03 23:44:08 ----A---- C:\WINDOWS\system32\vccorlib140.dll
2017-12-03 23:44:08 ----A---- C:\WINDOWS\system32\msvcp140.dll
2017-12-03 23:44:08 ----A---- C:\WINDOWS\system32\concrt140.dll
2017-12-03 23:38:22 ----A---- C:\WINDOWS\SYSWOW64\vccorlib140.dll
2017-12-03 23:38:20 ----A---- C:\WINDOWS\SYSWOW64\vcruntime140.dll
2017-12-03 23:38:20 ----A---- C:\WINDOWS\SYSWOW64\msvcp140.dll
2017-12-03 23:38:20 ----A---- C:\WINDOWS\SYSWOW64\concrt140.dll
2017-12-02 20:37:45 ----D---- C:\rsit
2017-12-02 20:37:45 ----D---- C:\Program Files\trend micro
2017-12-02 17:18:13 ----A---- C:\WINDOWS\system32\drivers\6473235B.sys
2017-12-02 17:17:50 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

======List of files/folders modified in the last 1 month======

2017-12-26 12:55:48 ----D---- C:\WINDOWS\Temp
2017-12-26 12:55:48 ----D---- C:\WINDOWS\system32\SleepStudy
2017-12-26 12:40:03 ----D---- C:\WINDOWS\system32\drivers\etc
2017-12-26 12:27:10 ----D---- C:\WINDOWS\Prefetch
2017-12-26 12:25:12 ----D---- C:\ProgramData\NVIDIA
2017-12-26 12:19:06 ----D---- C:\WINDOWS\system32\drivers
2017-12-26 12:16:01 ----D---- C:\Users\Jan\AppData\Roaming\FileZilla
2017-12-26 12:11:48 ----D---- C:\WINDOWS\system32\sru
2017-12-26 12:11:17 ----D---- C:\Users\Jan\AppData\Roaming\TS3Client
2017-12-26 12:10:10 ----D---- C:\Users\Jan\AppData\Roaming\HLSW
2017-12-26 12:10:00 ----D---- C:\Program Files (x86)\Steam
2017-12-26 12:09:20 ----D---- C:\ProgramData\Kaspersky Lab
2017-12-26 03:07:06 ----D---- C:\WINDOWS\system32\NDF
2017-12-26 00:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2017-12-25 22:39:35 ----RD---- C:\WINDOWS\Microsoft.NET
2017-12-25 22:38:39 ----D---- C:\WINDOWS\system32\config
2017-12-25 21:04:38 ----D---- C:\Program Files (x86)\RivaTuner Statistics Server
2017-12-24 18:17:36 ----D---- C:\WINDOWS\Logs
2017-12-23 21:25:27 ----D---- C:\Program Files (x86)\MSI Afterburner
2017-12-23 16:44:55 ----SHD---- C:\System Volume Information
2017-12-23 16:44:55 ----D---- C:\WINDOWS\system32\catroot2
2017-12-23 12:48:28 ----D---- C:\WINDOWS\DeliveryOptimization
2017-12-23 12:47:29 ----HD---- C:\Program Files\WindowsApps
2017-12-23 12:47:29 ----D---- C:\WINDOWS\AppReadiness
2017-12-22 12:19:13 ----D---- C:\WINDOWS\system32\DriverStore
2017-12-22 12:19:12 ----D---- C:\WINDOWS\WinSxS
2017-12-21 22:23:02 ----D---- C:\WINDOWS\System32
2017-12-21 22:23:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-21 22:17:03 ----D---- C:\Windows
2017-12-21 22:16:44 ----D---- C:\ProgramData\Origin
2017-12-21 22:16:42 ----D---- C:\Users\Jan\AppData\Roaming\Origin
2017-12-21 22:16:34 ----AD---- C:\Program Files (x86)\Origin
2017-12-21 21:36:49 ----D---- C:\WINDOWS\INF
2017-12-21 21:36:47 ----D---- C:\Program Files\NVIDIA Corporation
2017-12-21 21:36:28 ----D---- C:\WINDOWS\SysWOW64
2017-12-21 21:36:20 ----RD---- C:\Program Files (x86)
2017-12-21 21:36:14 ----D---- C:\WINDOWS\Help
2017-12-21 21:36:07 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-12-21 21:36:00 ----D---- C:\ProgramData\NVIDIA Corporation
2017-12-21 17:56:05 ----D---- C:\Users\Jan\AppData\Roaming\vlc
2017-12-21 17:05:42 ----D---- C:\WINDOWS\SoftwareDistribution
2017-12-21 06:03:37 ----D---- C:\Users\Jan\AppData\Roaming\qBittorrent
2017-12-20 18:13:28 ----AD---- C:\Program Files\RogueKiller
2017-12-20 18:10:55 ----D---- C:\AdwCleaner
2017-12-18 23:06:22 ----SHD---- C:\WINDOWS\Installer
2017-12-18 23:06:21 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-12-18 23:05:31 ----D---- C:\Program Files (x86)\Microsoft Office
2017-12-18 22:49:06 ----HD---- C:\ProgramData
2017-12-18 18:15:58 ----D---- C:\Users\Jan\AppData\Roaming\obs-studio
2017-12-18 17:52:43 ----D---- C:\ProgramData\Unity
2017-12-17 13:42:57 ----D---- C:\WINDOWS\CbsTemp
2017-12-17 05:59:29 ----D---- C:\WINDOWS\rescache
2017-12-16 15:18:35 ----D---- C:\WINDOWS\LiveKernelReports
2017-12-16 15:18:35 ----D---- C:\WINDOWS\debug
2017-12-16 13:58:37 ----A---- C:\bdlog.txt
2017-12-16 13:58:18 ----D---- C:\WINDOWS\TextInput
2017-12-16 13:58:18 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2017-12-16 13:58:18 ----D---- C:\WINDOWS\SYSWOW64\migration
2017-12-16 13:58:18 ----D---- C:\WINDOWS\SYSWOW64\Dism
2017-12-16 13:58:17 ----D---- C:\WINDOWS\system32\WinMetadata
2017-12-16 13:58:17 ----D---- C:\WINDOWS\system32\wbem
2017-12-16 13:58:17 ----D---- C:\WINDOWS\system32\oobe
2017-12-16 13:58:17 ----D---- C:\WINDOWS\system32\migration
2017-12-16 13:58:17 ----D---- C:\WINDOWS\system32\Dism
2017-12-16 13:58:17 ----D---- C:\WINDOWS\system32\cs-CZ
2017-12-16 13:58:17 ----D---- C:\WINDOWS\system32\Boot
2017-12-16 13:58:17 ----D---- C:\WINDOWS\system32\appraiser
2017-12-16 13:58:16 ----D---- C:\WINDOWS\ShellExperiences
2017-12-16 13:58:16 ----D---- C:\WINDOWS\Provisioning
2017-12-16 13:58:16 ----D---- C:\WINDOWS\apppatch
2017-12-16 13:58:16 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2017-12-16 13:58:16 ----D---- C:\Program Files\Windows Defender
2017-12-16 13:58:16 ----D---- C:\Program Files\internet explorer
2017-12-16 13:58:16 ----D---- C:\Program Files (x86)\Internet Explorer
2017-12-16 13:58:15 ----D---- C:\PerfLogs
2017-12-16 13:56:19 ----D---- C:\WINDOWS\system32\CatRoot
2017-12-16 00:28:51 ----RD---- C:\WINDOWS\assembly
2017-12-12 19:50:02 ----D---- C:\WINDOWS\system32\MRT
2017-12-12 19:48:37 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-12 19:48:34 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-12-12 19:48:15 ----A---- C:\WINDOWS\system32\msxml3.dll
2017-12-12 19:48:14 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2017-12-12 19:48:14 ----A---- C:\WINDOWS\system32\sspisrv.dll
2017-12-09 21:53:12 ----D---- C:\Users\Jan\AppData\Roaming\NexonLauncher
2017-12-03 23:38:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-12-02 20:37:45 ----RD---- C:\Program Files
2017-12-02 17:18:17 ----D---- C:\ProgramData\Malwarebytes

[_Antti_]

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-08-23 1763744]
R0 bdprivmon;bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [2017-11-24 47376]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2017-05-11 187688]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-09-19 795640]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-08-10 362664]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-09-30 293272]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2014-09-09 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2014-02-25 14464]
R1 atc;atc; C:\WINDOWS\system32\DRIVERS\atc.sys [2017-09-14 1019880]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2017-12-08 59800]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2017-06-06 133088]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-09-29 384000]
R2 inpoutx64;inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [2017-08-05 15008]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2017-05-10 37880]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 rzpmgrk;rzpmgrk; \??\C:\WINDOWS\system32\drivers\rzpmgrk.sys [2017-07-19 45752]
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys [2017-08-19 139704]
R3 asmthub3;@oem52.inf,%asmthub3_ServiceDescription%;ASMedia USB3.1 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2016-02-15 149760]
R3 asmtxhci;@oem58.inf,%asmtxhci_ServiceDescription%;ASMedia XHCI Service; C:\WINDOWS\System32\drivers\asmtxhci.sys [2016-02-15 451320]
R3 CorsairVBusDriver;@oem18.inf,%dev.SVCDESC%;Corsair Bus; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [2017-06-07 45528]
R3 CorsairVHidDriver;@oem39.inf,%dev.SVCDESC%;Corsair virtual device; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [2017-06-07 21968]
R3 cpuz143;cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [2017-12-21 48960]
R3 e1dexpress;@oem82.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [2016-07-26 543184]
R3 hidkmdf;@oem14.inf,%hidkmdf.SVCDESC%;KMDF Driver; C:\WINDOWS\System32\drivers\hidkmdf.sys [2014-10-25 14136]
R3 I2cHkBurn;I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [2015-07-27 41760]
R3 ICCWDT;@oem62.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2017-05-08 38480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-09-23 5324808]
R3 iwdbus;@oem43.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 kltap;@oem51.inf,%DeviceDescription%;Kaspersky Security Data Escort Adapter; C:\WINDOWS\System32\drivers\kltap.sys [2016-06-07 52152]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2017-12-21 253880]
R3 MEIx64;@oem29.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-09-06 204896]
R3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw64e.sys [2016-08-15 50640]
R3 NTIOLib_ACTIVE_X;NTIOLib_ACTIVE_X; \??\C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [2016-04-12 13776]
R3 NVHDA;@oem111.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2017-12-16 225208]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d37ca5c2cde53609\nvlddmkm.sys [2017-12-18 17028552]
R3 nvvad_WaveExtensible;@oem26.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-10-11 50624]
R3 nvvhci;@oem113.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-12-16 57792]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2017-08-27 14024]
R3 rzendpt;@oem91.inf,%rzendpt.SvcDesc%;rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [2016-10-30 52240]
R3 rzudd;@oem101.inf,%Razer.SvcDesc%;Razer Mouse Driver; C:\WINDOWS\System32\drivers\rzudd.sys [2016-10-30 204824]
R4 IOMap;IOMap; \??\C:\WINDOWS\system32\drivers\IOMap64.sys [2017-05-08 34064]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 6473235B;6473235B; \??\C:\WINDOWS\system32\drivers\6473235B.sys [2017-12-02 255928]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-09-30 126872]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-09-30 158616]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-09-30 143768]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 CMUAC;@oem48.inf,%CMUAC.DeviceDesc%;Headset6400x1 Device Driver; C:\WINDOWS\system32\DRIVERS\Headset6400x1.SYS [2013-10-03 387072]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 GPUIO;GPUIO; \??\C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\690b33e1-0462-4e84-9bea-c7552b45432a.sys [2017-06-29 27120]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-11-16 30144]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acCAMService;acCAMService; C:\Program Files (x86)\NZXT\CAM\Service\CAMService.exe [2017-06-27 30320]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\2.00.09\atkexComSvc.exe [2017-06-27 411096]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [2017-01-24 975832]
R2 bdredline;Bitdefender RedLine Service; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2017-08-11 2090152]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_2180ec83;Uživatelská služba platformy připojených zařízení_2180ec83; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-12-07 7760552]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-12-04 103072]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [2017-02-17 47056]
R2 GamingHotkey_Service;GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2016-10-13 2019792]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2016-08-15 294968]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2017-06-12 21312]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-09-14 177440]
R2 KSDE1.0.0;Služba Kaspersky Secure Connection 1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [2016-06-28 241544]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-09-14 419616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 6234056]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [2017-04-05 75192]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16 519104]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-12-16 463856]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-11-16 460736]
R2 OneSyncSvc_2180ec83;Hostitel synchronizace_2180ec83; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-12-19 3025224]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2017-08-04 75136]
R2 ProductAgentService;Bitdefender Product Agent Service; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-06-21 1269824]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2017-07-20 189264]
R2 Razer Chroma SDK Server;Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2017-11-07 431616]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2017-11-29 919200]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-11-26 519152]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-09-28 43648]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2017-10-24 342456]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-29 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-06 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-12-08 6998536]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_2180ec83;Tok zařízení_2180ec83; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-29 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-07-26 987432]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_2180ec83;Služba zasílání zpráv_2180ec83; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-12 194000]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16 519104]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2017-12-19 2155328]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-12-07 208040]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc_2180ec83;Data kontaktů_2180ec83; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_2180ec83;PrintWorkflow_2180ec83; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-11-26 4329952]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2017-11-26 819096]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[_Antti_]

Adwcleaner jsem už zkoušel, ale nic to nenašlo a teď také ne.

# AdwCleaner 7.0.6.0 - Logfile created on Tue Dec 26 12:22:15 2017
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1230 B] - [2017/10/25 15:27:30]
C:/AdwCleaner/AdwCleaner[S0].txt - [1084 B] - [2017/10/25 15:27:12]
C:/AdwCleaner/AdwCleaner[S1].txt - [1082 B] - [2017/12/20 17:9:35]
C:/AdwCleaner/AdwCleaner[S2].txt - [1150 B] - [2017/12/20 17:10:55]
C:/AdwCleaner/AdwCleaner[S3].txt - [1219 B] - [2017/12/26 12:21:38]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

[Rudy]

OK. Dejte tedy log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .