VIRY.CZ

Dobrý den, chtěl bych vás poprosit o kontrolu logu. Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by sitnefr1-locadm at 2018-03-02 20:07:00
Microsoft Windows 10 Pro
System drive C: has 129 GB (57%) free of 226 GB
Total RAM: 8071 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:09, on 02.03.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Franta\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Franta\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe
C:\Program Files\WindowsApps\Facebook.Facebook_140.1268.45465.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
C:\Program Files\trend micro\sitnefr1-locadm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPNotifications] C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
O4 - HKLM\..\Run: [HPRadioMgr] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\RunOnce: [{8060a69f-ee27-444b-b126-775f861232ea}] "C:\ProgramData\Package Cache\{8060a69f-ee27-444b-b126-775f861232ea}\Setup.exe" /burn.log.append "C:\WINDOWS\TEMP\Intel®_PROSet_Wireless_Software_20180113124300.log" /quiet -wumode /burn.runonce
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [SideSync] C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
O4 - HKCU\..\Run: [Docker for Windows] C:\Program Files\Docker\Docker\Docker for Windows.exe
O4 - HKCU\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2830779331-3592222151-1840298108-1006\..\Run: [com.squirrel.slack.slack] "C:\Users\Franta\AppData\Local\slack\Update.exe" --processStart "slack.exe" --process-start-args "--startup" (User 'Franta')
O4 - HKUS\S-1-5-21-2830779331-3592222151-1840298108-1006\..\Run: [Spotify] C:\Users\Franta\AppData\Roaming\Spotify\Spotify.exe --autostart (User 'Franta')
O4 - HKUS\S-1-5-21-2830779331-3592222151-1840298108-1006\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart (User 'Franta')
O4 - HKUS\S-1-5-21-2830779331-3592222151-1840298108-1006\..\Run: [Spotify Web Helper] C:\Users\Franta\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart (User 'Franta')
O4 - Global Startup: vpngui.exe.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lan.cortex.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lan.cortex.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = cortex.cz,lan.cortex.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = cortex.cz,lan.cortex.cz
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem34.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Docker for Windows Service (com.docker.service) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: CxMonSvc - Conexant Systems, Inc - C:\WINDOWS\CxSvc\CxMonSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\WINDOWS\CxSvc\CxUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @oem62.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Unknown owner - C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP Hotkey Service - HP - C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
O23 - Service: HP MAC Address Manager Service (HPMAMSrv) - HP - C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - HP - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @oem104.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LAN/WLAN Switching Service (LanWlanSwitchingService) - HP - C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Thunderbolt(TM) Service (ThunderboltService) - Intel Corporation - c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmcompute.exe,-100 (vmcompute) - Unknown owner - C:\WINDOWS\system32\vmcompute.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\WINDOWS\system32\vmms.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom ISD Service (WTabletServiceISD) - Wacom Technology, Corp. - C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 13942 bytes

======Listing Processes======









winlogon.exe
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s HvHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservice -s W32Time
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s UmRdpService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder

c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-cf236e5e-0a2c-44ff-9f00-9c830fc4d56b -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a9726d94-681f-4497-90fc-cd7a57368eb9 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-37ad314b-075b-454c-9e84-ea722429d980 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f9bf5f2a-16d5-47e1-93ba-1663eb88a4ef -LifetimeId:92f4cd3b-9555-4c0b-a38f-85bd5e351f81 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -p -s SessionEnv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
"C:\Program Files\Tablet\ISD\WTabletServiceISD.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-bc04edf5-7360-4ed1-a93b-090e94f3f08d -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1abfffd6-3330-4cc8-aaa6-e0a80b171a17 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b80f50fc-d670-47c6-86dc-75f40a0a15e5 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b828b6ba-4e7a-4306-9369-dd50189b1a37 -LifetimeId:2aee7413-8f09-4a6c-8b4d-c49fd7d5a637 -DeviceGroupId:
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SensrSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe" -service
"C:\Program Files\Docker\Docker\com.docker.service"
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\WINDOWS\CxSvc\CxMonSvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\WINDOWS\CxSvc\CxUtilSvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe
"C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe"
"C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe"
C:\WINDOWS\system32\ibtsiva
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\vmms.exe
dashost.exe {a063a03f-c3ba-4627-9ca96818eaf0e1e5}
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
"C:\Program Files (x86)\HP\Shared\hpqwmiex.exe"
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vmcompute.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s hns
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s SharedAccess
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
"C:\Program Files\Alps\GlidePoint\Apntex.exe"
Apoint.exe
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe"
"C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\MicTray64.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files\Alps\GlidePoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxEM.exe"
"C:\Program Files\Alps\GlidePoint\HidFind.exe"
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.0.5.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe" -ServerName:App.AppX495fygk72hjw82j58ny5h3nr8hpsd8vs.mca
"C:\Program Files\Tablet\ISD\ISD_TabletUser.exe"
"C:\Program Files\Tablet\ISD\WacomHost.exe" "C:\Program Files\Tablet\ISD\ISD_Tablet.exe" au
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Tablet\ISD\ISD_Tablet.exe" au
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
/QuitInfo:000000000000024C;000000000000025C;
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
/loadhooks /Parent:0000000000002648
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe" /sa3 /cadr /nv:3.0+ /uid:HP-NB-AIO /s /dne
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe" --startup
"C:\Users\Franta\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe" --minimize
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe" --type=gpu-process --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,20,24,43,63,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x5916 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=22.20.16.4771 --gpu-driver-date=8-13-2017 --service-request-channel-token=879E2A867CCC2CF12AC49DD7A5E5E4B9 --mojo-platform-channel-handle=1688 /prefetch:2
C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe --reporter-url=https://slack.com/apps/breakpad?instanc ... annel=prod --application-name=Slack "--crashes-directory=C:\Users\Franta\AppData\Roaming\Slack\temp\Slack Crashes" --v=1
"C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe" --type=renderer --disable-pinch --no-sandbox --primordial-pipe-token=970A609A6CD71FC1F21F1CEB221CF6C4 --lang=cs --standard-schemes=slack-resources,slack-sounds,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --app-path="C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar" --node-integration=true --webview-tag=true --no-sandbox --preload="C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar\src\static\index.js" --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=970A609A6CD71FC1F21F1CEB221CF6C4 --renderer-client-id=8 --mojo-platform-channel-handle=2300 /prefetch:1
"C:\Users\Franta\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe"
"C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe"
"C:\Users\Franta\AppData\Local\slack\app-3.0.5\slack.exe" --type=renderer --disable-pinch --no-sandbox --primordial-pipe-token=F00021E956C1F21A802D0227D1ABA2B5 --lang=cs --standard-schemes=slack-resources,slack-sounds,slack-webapp-dev --app-user-model-id=com.squirrel.slack.slack --app-path="C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar" --enable-experimental-web-platform-features --node-integration=false --webview-tag=false --no-sandbox --preload="C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar\src\static\ssb-interop.js" --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=F00021E956C1F21A802D0227D1ABA2B5 --renderer-client-id=9 --mojo-platform-channel-handle=3872 /prefetch:1
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Conexant\Flow\Flow.exe" /sa3 /uid:FLOW /delay:30
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.21675.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.21675.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe" -ServerName:x554f661dyd360y462cy8743yf8a99b7d41dbx.AppX6ks60wd4jgx5v0qxmfeghrzez8gaev27.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Facebook.Facebook_140.1268.45465.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe" -ServerName:App.AppXeh7z49cqrvacqjcq0cdjmqt7arbvjen7.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.21675.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe" -ServerName:microsoft.windowslive.calendar.AppXg9pag83k0brz0hvt3yj6hxda2h2y7w14.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\Windows\System32\smartscreen.exe -Embedding

"C:\Program Files\Opera\51.0.2830.34\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files\Opera\51.0.2830.34\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=9356
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=gpu-process --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --gpu-vendor-id=0x8086 --gpu-device-id=0x5916 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=22.20.16.4771 --gpu-driver-date=8-13-2017 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --service-request-channel-token=6889AC6BD736A9CAE7FB46C9B96147B1 --mojo-platform-channel-handle=1860 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=65B9A0EBE9E9F9E4FE738B1415738976 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=65B9A0EBE9E9F9E4FE738B1415738976 --renderer-client-id=3 --mojo-platform-channel-handle=3308 /prefetch:1
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=DC07BDDCFA6358AA4B589C8120C2A7FC --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=DC07BDDCFA6358AA4B589C8120C2A7FC --renderer-client-id=8 --mojo-platform-channel-handle=3560 /prefetch:1
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=3A23F557471273FE8D0CC9979EFA44AA --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=3A23F557471273FE8D0CC9979EFA44AA --renderer-client-id=10 --mojo-platform-channel-handle=4916 /prefetch:1
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=D8ACD13F072DC454288F2B36E7DC3C95 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=D8ACD13F072DC454288F2B36E7DC3C95 --renderer-client-id=12 --mojo-platform-channel-handle=5548 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files\Opera\51.0.2830.34\opera.exe" --type=renderer --field-trial-handle=1828,16316219775506188445,13741294889666023311,131072 --service-pipe-token=4B62FF79CEF7A1EACDDFACF6797375BE --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-support-x64-download=on --with-feature:installer-handle-proprietary-uris=on --crash-reporter-pid=3840 --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=4B62FF79CEF7A1EACDDFACF6797375BE --renderer-client-id=15 --mojo-platform-channel-handle=8180 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 744 752 8192 748
C:\WINDOWS\system32\AUDIODG.EXE 0x564
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Franta\Downloads\RSITx64.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

======Scheduled tasks folder======

C:\WINDOWS\tasks\HPCeeScheduleForFranta.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForFranta (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-26 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-26 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-10-12 440680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-10-12 416104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RtsCM"=C:\WINDOWS\RTSCM64.EXE [2017-09-17 225280]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2012-07-04 4133072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"CxProper"=C:\Program Files\Conexant\SSPConfig\CxProper.exe [2016-05-03 1763328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2017-09-29 20488312]
"SideSync"=C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [2017-10-26 12477600]
"Docker for Windows"=C:\Program Files\Docker\Docker\Docker for Windows.exe [2018-01-14 1815512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"=C:\Program Files\Windows Mail\wab.exe [2017-09-29 519680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPNotifications"=C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [2016-10-07 1396544]
"HPRadioMgr"=C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [2016-08-02 324488]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"{8060a69f-ee27-444b-b126-775f861232ea}"=C:\ProgramData\Package Cache\{8060a69f-ee27-444b-b126-775f861232ea}\Setup.exe [2018-01-13 1668128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\WINDOWS\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=HPPwdFilter
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-02 20:07:00 ----D---- C:\rsit
2018-03-02 20:07:00 ----D---- C:\Program Files\trend micro
2018-02-20 21:36:54 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2018-02-20 07:40:21 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2018-02-20 07:40:15 ----D---- C:\ProgramData\Malwarebytes
2018-02-20 07:40:15 ----D---- C:\Program Files\Malwarebytes
2018-02-14 18:01:09 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-14 18:01:08 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-02-14 18:01:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-02-14 18:01:06 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-02-14 18:01:06 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-02-14 18:01:05 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-02-14 18:01:05 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-02-14 18:01:05 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-02-14 18:01:04 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-02-14 18:01:02 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-02-14 18:01:02 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-02-14 18:01:02 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-02-14 18:01:01 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-02-14 18:01:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-02-14 18:01:00 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-02-14 18:00:59 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-02-14 18:00:58 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-02-14 18:00:58 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-02-14 18:00:58 ----A---- C:\WINDOWS\system32\hal.dll
2018-02-14 18:00:58 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-02-14 18:00:57 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-02-14 18:00:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-02-14 18:00:56 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-02-14 18:00:55 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-02-14 18:00:54 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-02-14 18:00:54 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-02-14 18:00:54 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-14 18:00:53 ----A---- C:\WINDOWS\system32\evr.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-02-14 18:00:52 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-14 18:00:52 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-02-14 18:00:51 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-02-14 18:00:51 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-02-14 18:00:51 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-02-14 18:00:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-02-14 18:00:50 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-02-14 18:00:50 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-02-14 18:00:50 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-02-14 18:00:50 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-02-14 18:00:49 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-14 18:00:49 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-02-14 18:00:48 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-02-14 18:00:48 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-02-14 18:00:47 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-02-14 18:00:47 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-02-14 18:00:45 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-02-14 18:00:44 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-02-14 18:00:44 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-02-14 18:00:43 ----A---- C:\WINDOWS\system32\jscript.dll
2018-02-14 18:00:42 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-02-14 18:00:42 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-02-14 18:00:42 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-02-14 18:00:41 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-02-14 18:00:41 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-02-14 18:00:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-02-14 18:00:40 ----A---- C:\WINDOWS\system32\mfsvr.dll
2018-02-14 18:00:40 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-02-14 18:00:39 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-02-14 18:00:39 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-02-14 18:00:39 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-02-14 18:00:39 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-02-14 18:00:38 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-02-14 18:00:38 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-02-14 18:00:38 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2018-02-14 18:00:37 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-02-14 18:00:37 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-02-14 18:00:36 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-02-14 18:00:36 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-02-14 18:00:36 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-02-14 18:00:35 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-02-14 18:00:35 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-02-14 18:00:35 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2018-02-14 18:00:35 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\wwansvc.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\wlansec.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\wininet.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\msIso.dll
2018-02-14 18:00:34 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-02-14 18:00:31 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-02-14 18:00:27 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-02-14 18:00:27 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-02-14 18:00:26 ----A---- C:\WINDOWS\system32\wmp.dll
2018-02-14 18:00:25 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-02-14 18:00:24 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-14 18:00:23 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-02-14 18:00:21 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-02-14 18:00:20 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\wuauclt.exe
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\ISM.dll
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-14 18:00:20 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-14 18:00:19 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-02-14 18:00:19 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2018-02-14 18:00:19 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-14 18:00:18 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-02-14 18:00:17 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-02-14 18:00:17 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2018-02-14 18:00:17 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2018-02-14 18:00:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-02-14 18:00:16 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-02-14 18:00:15 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-02-14 18:00:14 ----A---- C:\WINDOWS\system32\services.exe
2018-02-14 18:00:14 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-14 18:00:14 ----A---- C:\WINDOWS\system32\comdlg32.dll
2018-02-14 18:00:13 ----A---- C:\WINDOWS\system32\twinui.dll
2018-02-14 18:00:13 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-02-14 18:00:12 ----A---- C:\WINDOWS\system32\wow64.dll
2018-02-14 18:00:12 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-14 18:00:12 ----A---- C:\WINDOWS\system32\sspicli.dll
2018-02-14 18:00:12 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-02-14 18:00:11 ----A---- C:\WINDOWS\explorer.exe
2018-02-14 18:00:10 ----A---- C:\WINDOWS\system32\shell32.dll
2018-02-14 18:00:09 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-02-14 18:00:08 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-02-14 18:00:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-14 18:00:06 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-14 17:59:54 ----A---- C:\WINDOWS\system32\usocore.dll
2018-02-14 17:59:54 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-02-14 17:59:54 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-02-14 17:59:48 ----A---- C:\WINDOWS\system32\vac.exe
2018-02-14 17:59:45 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2018-02-14 17:59:45 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-02-14 17:59:45 ----A---- C:\WINDOWS\system32\SRH.dll
2018-02-14 17:59:45 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-14 17:59:44 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-14 17:59:44 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-14 17:59:43 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-14 17:59:43 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-14 17:59:41 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-02-14 17:59:40 ----A---- C:\WINDOWS\system32\vmms.exe
2018-02-14 17:59:40 ----A---- C:\WINDOWS\system32\vmchipset.dll
2018-02-14 17:59:40 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-02-14 17:59:36 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-02-14 17:59:36 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-02-14 17:59:36 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-02-14 17:59:36 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-02-14 17:59:36 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-02-14 17:59:35 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-02-14 17:59:35 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-02-14 17:59:35 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-02-14 17:59:35 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-14 17:59:34 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2018-02-14 17:59:34 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-02-14 17:59:33 ----A---- C:\WINDOWS\system32\devinv.dll
2018-02-14 17:59:33 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-14 17:59:33 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-02-14 17:59:32 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-02-14 17:59:27 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-14 17:59:27 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2018-02-14 17:59:27 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2018-02-14 17:59:26 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-02-14 17:59:26 ----A---- C:\WINDOWS\system32\HostNetSvc.dll
2018-02-14 17:59:26 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2018-02-14 17:59:26 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-02-14 17:59:25 ----A---- C:\WINDOWS\system32\sppobjs.dll
2018-02-14 17:59:25 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-02-14 17:59:24 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-02-14 17:59:24 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-02-14 17:59:23 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-02-14 17:59:23 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2018-02-14 17:59:22 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-02-14 17:59:22 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-02-14 17:59:20 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-02-14 17:59:20 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-02-14 17:59:20 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-02-14 17:59:20 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-14 17:59:20 ----A---- C:\WINDOWS\system32\ci.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\system32\usercpl.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\system32\rtmpltfm.dll
2018-02-14 17:59:19 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-02-14 17:59:18 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2018-02-14 17:59:18 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-02-14 17:59:18 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-14 17:59:18 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-02-14 17:59:17 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-02-14 17:59:17 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2018-02-14 17:59:16 ----A---- C:\WINDOWS\system32\winload.exe
2018-02-14 17:59:16 ----A---- C:\WINDOWS\system32\tquery.dll
2018-02-14 17:59:16 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-02-14 17:59:16 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-02-14 17:59:15 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2018-02-14 17:59:15 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-14 17:59:15 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-14 17:59:15 ----A---- C:\WINDOWS\system32\AppVClient.exe
2018-02-14 17:59:14 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-02-14 17:59:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-14 17:59:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-02-14 17:59:13 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-14 17:59:12 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-02-14 17:59:12 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-02-14 17:59:11 ----A---- C:\WINDOWS\SYSWOW64\rtmpltfm.dll
2018-02-14 17:59:11 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2018-02-14 17:59:11 ----A---- C:\WINDOWS\system32\provhandlers.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\vmwp.exe
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\vmusrv.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\VmEmulatedStorage.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\provtool.exe
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\provengine.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2018-02-14 17:59:10 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2018-02-14 17:59:09 ----A---- C:\WINDOWS\system32\Wpc.dll
2018-02-14 17:59:09 ----A---- C:\WINDOWS\system32\sppwinob.dll
2018-02-14 17:59:08 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-14 17:59:08 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2018-02-14 17:59:07 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-02-14 17:59:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-02-14 17:59:06 ----A---- C:\WINDOWS\system32\FSClient.dll
2018-02-14 17:59:06 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-02-14 17:59:05 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-02-14 17:59:05 ----A---- C:\WINDOWS\system32\vmcompute.exe
2018-02-14 17:59:05 ----A---- C:\WINDOWS\system32\mf.dll
2018-02-14 17:59:05 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-02-14 17:59:04 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2018-02-14 17:59:04 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-02-14 17:59:04 ----A---- C:\WINDOWS\system32\InputService.dll
2018-02-14 17:59:04 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-02-14 17:59:04 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2018-02-14 17:59:03 ----A---- C:\WINDOWS\system32\wpncore.dll
2018-02-14 17:59:03 ----A---- C:\WINDOWS\system32\rdvgm.exe
2018-02-14 17:59:03 ----A---- C:\WINDOWS\system32\mmc.exe
2018-02-14 17:59:02 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-14 17:59:02 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-02-14 17:59:02 ----A---- C:\WINDOWS\system32\aepic.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\system32\VSSVC.exe
2018-02-14 17:59:01 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-14 17:59:01 ----A---- C:\WINDOWS\system32\invagent.dll
2018-02-14 17:59:00 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-02-14 17:59:00 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-02-14 17:59:00 ----A---- C:\WINDOWS\system32\rtmpal.dll
2018-02-14 17:59:00 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-02-14 17:58:59 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-02-14 17:58:59 ----A---- C:\WINDOWS\system32\WpcMon.exe
2018-02-14 17:58:59 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-14 17:58:59 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-02-14 17:58:58 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-02-14 17:58:58 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2018-02-14 17:58:58 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2018-02-14 17:58:58 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-14 17:58:58 ----A---- C:\WINDOWS\system32\FntCache.dll
2018-02-14 17:58:57 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-02-14 17:58:57 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-14 17:58:57 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\drivers\bam.sys
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\CPFilters.dll
2018-02-14 17:58:56 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-02-14 17:58:55 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2018-02-14 17:58:55 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-02-14 17:58:55 ----A---- C:\WINDOWS\system32\PeerDistSvc.dll
2018-02-14 17:58:55 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-02-14 17:58:54 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-02-14 17:58:54 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-02-14 17:58:54 ----A---- C:\WINDOWS\system32\ole32.dll
2018-02-14 17:58:54 ----A---- C:\WINDOWS\system32\EncDec.dll
2018-02-14 17:58:54 ----A---- C:\WINDOWS\system32\authui.dll
2018-02-14 17:58:53 ----A---- C:\WINDOWS\SYSWOW64\mmcndmgr.dll
2018-02-14 17:58:53 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-14 17:58:53 ----A---- C:\WINDOWS\system32\UserDataService.dll
2018-02-14 17:58:53 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\SYSWOW64\mmc.exe
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\shutdownux.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\rtmcodecs.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\ieui.dll
2018-02-14 17:58:52 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-02-14 17:58:51 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2018-02-14 17:58:51 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-02-14 17:58:51 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-02-14 17:58:51 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-14 17:58:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-14 17:58:50 ----A---- C:\WINDOWS\system32\winresume.exe
2018-02-14 17:58:49 ----A---- C:\WINDOWS\SYSWOW64\rtmpal.dll
2018-02-14 17:58:49 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-14 17:58:49 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-02-14 17:58:49 ----A---- C:\WINDOWS\system32\usermgr.dll
2018-02-14 17:58:49 ----A---- C:\WINDOWS\system32\TransportDSA.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\system32\Windows.Payments.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-02-14 17:58:48 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-14 17:58:47 ----A---- C:\WINDOWS\system32\efswrt.dll
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\setupapi.dll
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\efscore.dll
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\drivers\lxcore.sys
2018-02-14 17:58:46 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\vmuidevices.dll
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\policymanager.dll
2018-02-14 17:58:45 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-02-14 17:58:44 ----A---- C:\WINDOWS\SYSWOW64\EncDec.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\system32\vmcompute.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\system32\uDWM.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\system32\localspl.dll
2018-02-14 17:58:44 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-02-14 17:58:43 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\vmpmem.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\vmicvdev.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\VmEmulatedNic.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-02-14 17:58:43 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-02-14 17:58:42 ----A---- C:\WINDOWS\system32\rasdlg.dll
2018-02-14 17:58:42 ----A---- C:\WINDOWS\system32\lsm.dll
2018-02-14 17:58:42 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-14 17:58:42 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\rtmcodecs.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-14 17:58:41 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-02-14 17:58:41 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-14 17:58:40 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2018-02-14 17:58:40 ----A---- C:\WINDOWS\system32\wifitask.exe
2018-02-14 17:58:40 ----A---- C:\WINDOWS\system32\vmemulateddevices.dll
2018-02-14 17:58:40 ----A---- C:\WINDOWS\system32\mspaint.exe
2018-02-14 17:58:39 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-02-14 17:58:39 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-02-14 17:58:39 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-14 17:58:39 ----A---- C:\WINDOWS\system32\Magnify.exe
2018-02-14 17:58:39 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\winbrand.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\vmsynthstor.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\VmDataStore.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\PrivateCloudHNSPlugin.dll
2018-02-14 17:58:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-02-14 17:58:37 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-14 17:58:37 ----A---- C:\WINDOWS\system32\vmsynth3dvideo.dll
2018-02-14 17:58:37 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\webio.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\vssapi.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\vmserial.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\FrameServer.dll
2018-02-14 17:58:36 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2018-02-14 17:58:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\VmSynthNic.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-14 17:58:35 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-14 17:58:34 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\vmsmb.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\srcore.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\rastls.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\mfps.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-02-14 17:58:33 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-02-14 17:58:32 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\FsIso.exe
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-02-14 17:58:32 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\gpupvdev.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\gameux.dll
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2018-02-14 17:58:31 ----A---- C:\WINDOWS\system32\container.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2018-02-14 17:58:30 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\skci.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\rasgcw.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-14 17:58:30 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\SYSWOW64\sppcomapi.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\wldp.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\vpcievdev.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\vmdynmem.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2018-02-14 17:58:29 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-02-14 17:58:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\vmsynthfcvdev.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\Unistore.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\cscui.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\aclui.dll
2018-02-14 17:58:28 ----A---- C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\rtmmvrortc.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\ortcengine.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\SYSWOW64\Magnify.exe
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\ortcengine.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-02-14 17:58:27 ----A---- C:\WINDOWS\system32\edputil.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2018-02-14 17:58:26 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\drivers\vmswitch.sys
2018-02-14 17:58:26 ----A---- C:\WINDOWS\system32\AppManagementConfiguration.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\hvsicontainerservice.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\edputil.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\AppVClientPS.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\vmicrdv.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\twinapi.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2018-02-14 17:58:25 ----A---- C:\WINDOWS\system32\AppVClientPS.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-02-14 17:58:24 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\wscapi.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\sud.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\nshhttp.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\netlogon.dll
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-02-14 17:58:23 ----A---- C:\WINDOWS\system32\APHostService.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\WebClnt.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\mmcbase.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-02-14 17:58:22 ----A---- C:\WINDOWS\system32\drivers\Diskdump.sys
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\SyncController.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-02-14 17:58:21 ----A---- C:\WINDOWS\system32\CCG.exe
2018-02-14 17:58:20 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\SYSWOW64\AppManagementConfiguration.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\srchadmin.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\hgcpl.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\davclnt.dll
2018-02-14 17:58:20 ----A---- C:\WINDOWS\system32\CCGLaunchPad.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\themecpl.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\shsetup.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\SCardDlg.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-02-14 17:58:19 ----A---- C:\WINDOWS\system32\P2P.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\SensorService.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\ListSvc.dll
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\drivers\vfpext.sys
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-02-14 17:58:18 ----A---- C:\WINDOWS\system32\authz.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\SYSWOW64\shsetup.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-02-14 17:58:17 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\system32\stobject.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\system32\netplwiz.dll
2018-02-14 17:58:16 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2018-02-14 17:58:14 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2018-02-14 17:58:14 ----A---- C:\WINDOWS\SYSWOW64\P2P.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\RdvgmProxy.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\FontProvider.dll
2018-02-14 17:58:14 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-02-14 17:58:13 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-02-14 17:58:13 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2018-02-14 17:58:13 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2018-02-14 17:58:13 ----A---- C:\WINDOWS\system32\themeui.dll
2018-02-14 17:58:13 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-02-14 17:58:13 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\system32\msoert2.dll
2018-02-14 17:58:12 ----A---- C:\WINDOWS\system32\bootux.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\ntshrui.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\drivers\vmbusr.sys
2018-02-14 17:58:11 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\SYSWOW64\RdvgmProxy.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\regsvr32.exe
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2018-02-14 17:58:10 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2018-02-14 17:58:09 ----A---- C:\WINDOWS\SYSWOW64\regsvr32.exe
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\vfpctrl.exe
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\rshx32.dll
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\provdatastore.dll
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-02-14 17:58:09 ----A---- C:\WINDOWS\system32\fontext.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\rfxvmt.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\rasauto.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\convertvhd.exe
2018-02-14 17:58:08 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\msoert2.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\SYSWOW64\EnterpriseAppMgmtClient.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\system32\taskcomp.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\system32\LockScreenContent.dll
2018-02-14 17:58:07 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\SYSWOW64\mmcbase.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\twext.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-14 17:58:06 ----A---- C:\WINDOWS\system32\dsreg.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\synth3dvideoproxy.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\rstrui.exe
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\rfxvmt.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-02-14 17:58:05 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\srchadmin.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeHelper.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\wups2.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\winsrv.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\winsku.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\vmsif.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\tzres.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\hnsproxy.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\hgclientserviceps.dll
2018-02-14 17:58:04 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2018-02-14 17:58:03 ----A---- C:\WINDOWS\SYSWOW64\user.exe
2018-02-14 17:58:03 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2018-02-14 17:58:03 ----A---- C:\WINDOWS\system32\atmlib.dll
2018-02-04 19:10:35 ----D---- C:\Program Files\paint.net

Druhá část

======List of files/folders modified in the last 1 month======

2018-03-02 20:07:00 ----RD---- C:\Program Files
2018-03-02 20:06:19 ----D---- C:\WINDOWS\Temp
2018-03-02 20:03:13 ----D---- C:\WINDOWS\system32\Tasks
2018-03-02 20:03:13 ----AD---- C:\Program Files\Opera
2018-03-02 19:15:54 ----D---- C:\WINDOWS\System32
2018-03-02 19:15:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-02 19:15:34 ----HD---- C:\Program Files\WindowsApps
2018-03-02 19:15:32 ----D---- C:\WINDOWS\DeliveryOptimization
2018-03-02 19:13:06 ----D---- C:\WINDOWS\AppReadiness
2018-03-02 19:10:26 ----D---- C:\WINDOWS\Prefetch
2018-03-02 19:09:47 ----D---- C:\ProgramData\Docker
2018-02-26 22:04:19 ----D---- C:\WINDOWS\system32\sru
2018-02-26 21:22:44 ----D---- C:\WINDOWS\system32\FxsTmp
2018-02-25 22:32:38 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-24 23:36:33 ----D---- C:\WINDOWS\system32\drivers
2018-02-24 13:24:14 ----SHD---- C:\System Volume Information
2018-02-24 13:22:52 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-24 13:14:32 ----SHD---- C:\WINDOWS\Installer
2018-02-24 13:14:32 ----SHD---- C:\Config.Msi
2018-02-24 13:14:23 ----D---- C:\WINDOWS\SysWOW64
2018-02-20 22:36:54 ----D---- C:\WINDOWS\system32\NDF
2018-02-20 08:04:22 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-20 08:04:22 ----D---- C:\WINDOWS\system32\config
2018-02-20 07:40:15 ----HD---- C:\ProgramData
2018-02-18 20:11:29 ----D---- C:\WINDOWS\system32\catroot2
2018-02-18 19:46:18 ----D---- C:\WINDOWS\WinSxS
2018-02-18 19:42:58 ----D---- C:\WINDOWS\rescache
2018-02-18 19:42:05 ----RSD---- C:\WINDOWS\assembly
2018-02-18 08:39:00 ----D---- C:\WINDOWS\INF
2018-02-17 12:22:54 ----D---- C:\WINDOWS\CbsTemp
2018-02-14 20:21:50 ----D---- C:\WINDOWS\TextInput
2018-02-14 20:21:50 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-02-14 20:21:49 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-02-14 20:21:49 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-02-14 20:21:49 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-02-14 20:21:41 ----D---- C:\WINDOWS\system32\wbem
2018-02-14 20:21:36 ----SD---- C:\WINDOWS\system32\lxss
2018-02-14 20:21:36 ----SD---- C:\WINDOWS\system32\F12
2018-02-14 20:21:36 ----D---- C:\WINDOWS\system32\oobe
2018-02-14 20:21:36 ----D---- C:\WINDOWS\system32\migwiz
2018-02-14 20:21:36 ----D---- C:\WINDOWS\system32\migration
2018-02-14 20:21:35 ----D---- C:\WINDOWS\system32\Dism
2018-02-14 20:21:35 ----D---- C:\WINDOWS\system32\Boot
2018-02-14 20:21:35 ----D---- C:\WINDOWS\system32\appraiser
2018-02-14 20:21:23 ----D---- C:\WINDOWS\ShellExperiences
2018-02-14 20:21:23 ----D---- C:\WINDOWS\Provisioning
2018-02-14 20:21:23 ----D---- C:\WINDOWS\PolicyDefinitions
2018-02-14 20:21:19 ----RSD---- C:\WINDOWS\Fonts
2018-02-14 20:21:18 ----D---- C:\WINDOWS\bcastdvr
2018-02-14 20:21:18 ----D---- C:\WINDOWS\apppatch
2018-02-14 20:21:18 ----D---- C:\Windows
2018-02-14 20:21:18 ----D---- C:\Program Files\internet explorer
2018-02-14 20:21:18 ----D---- C:\Program Files (x86)\Internet Explorer
2018-02-14 20:20:53 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-02-14 18:35:17 ----D---- C:\WINDOWS\system32\MRT
2018-02-14 18:10:10 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 18:10:05 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-02-09 19:22:17 ----D---- C:\Intel
2018-02-06 03:49:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-02-04 13:14:48 ----RD---- C:\Program Files (x86)
2018-02-04 13:11:52 ----D---- C:\Program Files (x86)\Google
2018-02-04 13:11:51 ----D---- C:\Program Files\Common Files
2018-02-04 13:11:51 ----D---- C:\Program Files (x86)\Intel

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2012-07-10 179920]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 lxss;@%SystemRoot%\system32\drivers\lxss.sys,-100; C:\WINDOWS\system32\drivers\lxss.sys [2017-12-07 15768]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-09-30 293272]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 DNE;@oem58.inf,%DneLwf_Desc%;DNE LightWeight Filter; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [2013-02-20 119120]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2012-07-10 213416]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-29 152136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2012-03-29 140752]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R3 ApHidfiltrService;@oem34.inf,%HidFilter.SvcDesc%;Alps GlidePoint HID Filter Driver; C:\WINDOWS\system32\DRIVERS\ApHidFiltr.sys [2017-08-22 278528]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 CnxtHdAudService;@oem74.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2017-05-14 1660448]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [2011-03-04 306536]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2016-10-25 72592]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2016-10-25 67984]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2016-10-25 355216]
R3 HID_PCI;@oem53.inf,%HID_PCI%;HID PCI Minidriver for ISS; C:\WINDOWS\System32\drivers\HID_PCI.sys [2016-08-10 31328]
R3 HidEventFilter;@oem0.inf,%HidEventFilter%;Intel(R) HID Event Filter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [2016-08-16 54800]
R3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
R3 hvsocketcontrol;hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [2017-12-07 26112]
R3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
R3 ibtusb;@oem104.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2017-12-06 136128]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igdkmd64.sys [2017-09-07 12842992]
R3 IntcAudioBus;@oem1.inf,%IntcAudioBus.SVCDESC%;Sběrnice technologie Intel(R) Smart Sound; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [2017-02-22 238176]
R3 IntcDAud;@oem101.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-07-24 825376]
R3 IntcOED;@oem9.inf,%IntcOED.SVCDESC%;Technologie Intel(R) Smart Sound OED; C:\WINDOWS\System32\drivers\IntcOED.sys [2017-02-22 750176]
R3 ISH;@oem16.inf,%TEE_SvcDesc%;Intel(R) Integrated Sensor Solution ; C:\WINDOWS\System32\drivers\ISH.sys [2016-09-19 143984]
R3 ISH_BusDriver;@oem54.inf,%ISH_BusDriver.SVCDESC%; ISS Bus Enumerator; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [2016-08-18 80496]
R3 MEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-12-02 204920]
R3 Netwtw06;@oem103.inf,%NIC_Service_DispName_WINT_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw06.sys [2018-01-25 8623512]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-09-30 126872]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-09-30 158616]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-09-30 143768]
S3 asmthub3;ASMedia USB3.1 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2017-01-13 150904]
S3 asmtxhci;ASMedia XHCI Service; C:\WINDOWS\System32\drivers\asmtxhci.sys [2017-01-13 456568]
S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\basp.sys [2016-07-08 150024]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-09-29 191488]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-09-29 46592]
S3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-02-10 1015296]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\WINDOWS\System32\drivers\CVirtA64.sys [2010-02-08 14992]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2_SPI;Intel(R) Serial IO SPI Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_SPI.sys [2016-08-30 151352]
S3 iaLPSS2_UART2;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [2016-08-30 282424]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 lunparser;@%systemroot%\system32\drivers\lunparser.sys,-10010; C:\WINDOWS\system32\drivers\lunparser.sys [2017-12-07 23040]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2018-02-24 253880]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 Netwtw04;Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [2017-01-24 7932160]
S3 nhi;Thunderbolt(TM) Controller; C:\WINDOWS\System32\drivers\tbt81x.sys [2016-11-21 129608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\WINDOWS\system32\drivers\passthruparser.sys [2017-12-07 24064]
S3 pcip;@wpcip.inf,%pcip.SVCDESC%;PCI Proxy driver; C:\WINDOWS\System32\drivers\pcip.sys [2017-12-07 48128]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 pvhdparser;@%systemroot%\system32\drivers\pvhdparser.sys,-10010; C:\WINDOWS\system32\drivers\pvhdparser.sys [2017-12-07 51712]
S3 ramparser;@%systemroot%\system32\drivers\ramparser.sys,-10010; C:\WINDOWS\system32\drivers\ramparser.sys [2017-12-07 31744]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 RTSPER;@oem55.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2016-08-05 779232]
S3 RTSUER;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-08-05 418784]
S3 rtsuvc;HP Universal Camera Driver; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2017-09-17 3222016]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-01-17 83984]
R2 ApHidMonitorService;@oem34.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service; C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe [2017-08-22 178776]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BrcmMgmtAgent;Broadcom Management Agent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2014-08-13 215040]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_a0163;Uživatelská služba platformy připojených zařízení_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 com.docker.service;Docker for Windows Service; C:\Program Files\Docker\Docker\com.docker.service [2018-01-14 15872]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe [2017-09-07 613360]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 CxMonSvc;CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [2016-12-20 30840]
R2 CxUtilSvc;CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [2017-02-16 148600]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2012-07-04 999704]
R2 esifsvc;@oem62.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2016-11-09 2211448]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2016-10-07 1309184]
R2 HP Hotkey Service;HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [2017-04-11 966136]
R2 HPMAMSrv;HP MAC Address Manager Service; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [2016-10-28 537592]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-04-07 33640]
R2 ibtsiva;@oem104.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe [2017-09-07 415208]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-12-05 177440]
R2 LanWlanSwitchingService;LAN/WLAN Switching Service; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [2017-04-11 593400]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-12-05 419616]
R2 OneSyncSvc_a0163;Hostitel synchronizace_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-02-10 519144]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe [2017-09-07 397296]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-09-28 43648]
R3 hns;@%systemroot%\system32\HostNetSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-09-28 1077752]
R3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_a0163;Data kontaktů_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-26 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-09-29 52856]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_a0163;Tok zařízení_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2012-07-04 35720]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2012-07-04 190208]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-26 153752]
S3 HgClientService;@%SystemRoot%\System32\hgclientservice.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-10-19 1102560]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-10-13 630048]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 LxssManager;@%systemroot%\system32\lxss\LxssManager.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 6234056]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_a0163;Služba zasílání zpráv_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-10 175048]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_a0163;PrintWorkflow_a0163; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-12-07 4329952]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-02-10 819096]

-----------------EOF-----------------

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Scan (Skenovanie) a pockaj na dokoncenie
• Klikni na Clean (Cistenie) a potvrd kliknutim na OK
• AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
• Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

Ahoj, asi jsem to pokazil, po restartu na mě nic nevyskočilo. Před restartem ano, ale to jsem si bohužel neuložil Mám to spustit znovu?

Log by mal byt ulozeny v zlozke C:/AdwCleaner pod nazvom AdwCleaner[C0].txt

Super díky, tady je

# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 03 12:55:03 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

Deleted: C:\END


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [948 B] - [2018/3/3 12:15:21]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

Ačkoliv mám FRST64.exe na ploše, tak při spuštění FRSTLauncher mi to řeklo, že tam není, tak jsem spustil scan samotného FRST.

FRST je nutne spustit pod administratorskym uctom.

Omlouvám se, měl jsem za to že jsem to spouštěl jako administrator, teď by to již mělo být v pořádku.

V PC su nainstalovane zastarale verzie Javy, ktore odporucam odinstalovat:

• Java 8 Update 111
  Java 8 Update 131

Ak Javu potrebujes, nainstaluj aktualnu verziu - Java 8 Update 161 - https://java.com/en/download/

Tieto riadky mas v hosts nastavene umyselne?

127.0.0.1 cms
127.0.0.1 skolapropsy
127.0.0.1 atomic-file.localhost
127.0.0.1 di.localhost
127.0.0.1 ladygong.localhost

Poznas tento program?

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2017-12-08]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()

Děkuji, novou Javu jsem nainstaloval a starou odinstaloval. Potřebuji ji pro běh IDE.

Ano v hosts mám tyto záznamy schválně, mám lokální webový server.

Ten vpngui je program Cisco vpn client, kterým se připojuji do pracovní vpnky.

OK. Inak vyzera to ciste, len precistime zopar zbytocnosti.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  ExportKey: HKLM\SOFTWARE\Policies\Google
  HKLM-x32\...\RunOnce: [{8060a69f-ee27-444b-b126-775f861232ea}] => C:\ProgramData\Package Cache\{8060a69f-ee27-444b-b126-775f861232ea}\Setup.exe [1668128 2018-01-13] (Intel Corporation) <==== ATTENTION
  HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
  2018-03-03 16:58 - 2018-03-03 16:58 - 000015327 _____ C:\Users\sitnefr1-locadm\Desktop\LM.bat
  2018-03-03 16:57 - 2018-03-03 16:28 - 000112640 _____ (forum.viry.cz) C:\Users\Franta\Desktop\FRSTLauncher.exe
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 28.02.2018
Ran by sitnefr1-locadm (03-03-2018 18:23:08) Run:1
Running from C:\Users\Franta\Desktop
Loaded Profiles: sitnefr1-locadm & Franta (Available Profiles: sitnefr1-locadm & Franta & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKLM\SOFTWARE\Policies\Google
HKLM-x32\...\RunOnce: [{8060a69f-ee27-444b-b126-775f861232ea}] => C:\ProgramData\Package Cache\{8060a69f-ee27-444b-b126-775f861232ea}\Setup.exe [1668128 2018-01-13] (Intel Corporation) <==== ATTENTION
HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
2018-03-03 16:58 - 2018-03-03 16:58 - 000015327 _____ C:\Users\sitnefr1-locadm\Desktop\LM.bat
2018-03-03 16:57 - 2018-03-03 16:28 - 000112640 _____ (forum.viry.cz) C:\Users\Franta\Desktop\FRSTLauncher.exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Google]
[HKLM\SOFTWARE\Policies\Google\Chrome]
[HKLM\SOFTWARE\Policies\Google\Chrome\EnabledPlugins]
"1"="HP Client Security Manager"
[HKLM\SOFTWARE\Policies\Google\Update]
"UpdateDefault"="1"

=== End of ExportKey ===
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\{8060a69f-ee27-444b-b126-775f861232ea}" => removed successfully
"HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Report" => removed successfully
C:\Users\sitnefr1-locadm\Desktop\LM.bat => moved successfully
C:\Users\Franta\Desktop\FRSTLauncher.exe => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2104856 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 197172171 B
Edge => 9216 B
Chrome => 56110943 B
Firefox => 0 B
Opera => 1114848 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 76706 B
NetworkService => 0 B
sitnefr1-locadm => 223790090 B
Franta => 137910144 B
Administrator => 39140 B
pdqdeploy => 10252 B
sitnefr1 => 243472 B

RecycleBin => 15983 B
EmptyTemp: => 597.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:23:59 ====

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

Skontroluj velkost plochy (C:\Users\Franta\Desktop a C:\Users\sitnefr1-locadm\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.