VIRY.CZ

Dobrý den,

mám problém s kterým bych potřeboval poradit. Mám asi rok stary NTB, který se v poslední době hodně spomalil. Když sleduje vytížení ve správci úloh, tak většinou je disk vytížen na 100%, málokdy klesne na kolem 90% a pod 85% se jistě nedostane. Jinak vše funguje jak má, alespoň jsem změnu nezaznamenal, jen je to hodně pomalé.

Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dado at 2018-05-19 16:38:24
Microsoft Windows 10 Pro
System drive C: has 244 GB (26%) free of 943 GB
Total RAM: 8078 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:38:33, on 19. 5. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Dado.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Killer Control Center.lnk = C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{e9063f24-e839-43b5-a040-552fb7474146}: NameServer = 77.236.192.130,77.236.192.150
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Killer Network Service - Rivet Networks - C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Windows\SysWOW64\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11857 bytes

======Listing Processes======








c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-29cd2778-d624-431c-914e-ee827062b565 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4fa5585d-b3d5-4342-9896-4c197a0a7ccb -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1d727a03-c9a8-40ca-a6ee-9497ac41abd5 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e265276b-5e0b-47f8-9d37-5a76c4693361 -LifetimeId:76b3ec22-5ebe-4d97-acfa-aa9e1370fb58 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 2759012274112
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\DbxSvc.exe
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\SysWOW64\MSIService.exe
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p

"C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe"
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
"C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\locator.exe
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files\KMSpico\Service_KMS.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs
dashost.exe {9bc93aff-402c-40ab-86981ca81b2a7487}
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc

"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
"C:\WINDOWS\system32\wuauclt.exe" /RunHandlerComServer
C:\WINDOWS\SoftwareDistribution\Download\9eaee87abab23b313c5b7697b9a103ad\WindowsUpdateBox.Exe /Package /Install /ClassId f1851d8e-504f-48a9-acf7-a8c7ff709abe /CancelId 950bb10b-c74a-4bd4-8593-1fa278f0092d /DeploymentSessionID e76799a9-e9d4-463d-a897-d9499b7e2e94 /SuspendId be753913-f42a-41cd-bd9e-776c0b023eed /CorrelationVector TZvkXbLjSEWseosk.1.3.1.2.67 /FlightData RS:1622 /ReportId F8EE1E09-5379-44DF-B86D-E49E70CBE43B.1 /ActionListFile C:\WINDOWS\SoftwareDistribution\Download\9eaee87abab23b313c5b7697b9a103ad\ActionList.xml
"C:\$WINDOWS.~BT\Sources\SetupHost.Exe" /Install /Package /Quiet /progressCLSID f1851d8e-504f-48a9-acf7-a8c7ff709abe /ReportId F8EE1E09-5379-44DF-B86D-E49E70CBE43B.1 /FlightData "RS:1622" "/CancelId" "950bb10b-c74a-4bd4-8593-1fa278f0092d" "/DeploymentSessionID" "e76799a9-e9d4-463d-a897-d9499b7e2e94" "/CorrelationVector" "TZvkXbLjSEWseosk.1.3.1.2.67" "/ActionListFile" "C:\WINDOWS\SoftwareDistribution\Download\9eaee87abab23b313c5b7697b9a103ad\ActionList.xml"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe"
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
AVGUI.exe /nogui
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Dado\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Dado\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.181 --initial-client-data=0x2cc,0x2f8,0x2fc,0x2f0,0x300,0x7ffa20b83218,0x7ffa20b83228,0x7ffa20b83238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7048 --on-initialized-event-handle=964 --parent-handle=968 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1740,12693218584307217175,16288854870440684802,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=B47403B3FF2A9A7D09391F90E5429EC1 --mojo-platform-channel-handle=1764 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1740,12693218584307217175,16288854870440684802,131072 --service-pipe-token=3ED0382EBCB1B6E5EAAEC12636D0FE06 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=3ED0382EBCB1B6E5EAAEC12636D0FE06 --renderer-client-id=7 --mojo-platform-channel-handle=5356 /prefetch:1
"C:\Program Files\CCleaner\CCleaner.exe" /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1740,12693218584307217175,16288854870440684802,131072 --service-pipe-token=2A14AF85CE9D10AD61E634047B50C399 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=2A14AF85CE9D10AD61E634047B50C399 --renderer-client-id=13 --mojo-platform-channel-handle=5984 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1740,12693218584307217175,16288854870440684802,131072 --lang=cs --service-sandbox-type=utility --service-request-channel-token=9F510F36A087525834E615F959EC1177 --mojo-platform-channel-handle=4356 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1740,12693218584307217175,16288854870440684802,131072 --service-pipe-token=25BE3AB78BE1A4898310DED733D4F50A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=25BE3AB78BE1A4898310DED733D4F50A --renderer-client-id=15 --mojo-platform-channel-handle=5460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1740,12693218584307217175,16288854870440684802,131072 --service-pipe-token=75D6A3346D9E419E3A29B3D058B8B789 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=75D6A3346D9E419E3A29B3D058B8B789 --renderer-client-id=24 --mojo-platform-channel-handle=7380 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1740,12693218584307217175,16288854870440684802,131072 --service-pipe-token=ED6A7246550AC05C296EC676DDBF10F9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=ED6A7246550AC05C296EC676DDBF10F9 --renderer-client-id=26 --mojo-platform-channel-handle=7076 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x518
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Dado\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-11-07 9050632]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2016-09-20 71168]
"SCM"=c:\Program Files (x86)\SCM\SCM.exe [2016-10-07 301848]
"AVGUI.exe"=C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2018-05-17 291568]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-06 3920552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-05-10 18334016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-05-14 3643712]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Killer Control Center.lnk - C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-05-19 16:38:24 ----D---- C:\Program Files\trend micro
2018-05-19 16:38:23 ----D---- C:\rsit
2018-05-19 10:04:07 ----D---- C:\Windows.old
2018-05-19 01:04:53 ----D---- C:\FRST
2018-05-19 00:39:55 ----D---- C:\ProgramData\SecTaskMan
2018-05-19 00:39:46 ----D---- C:\Program Files (x86)\Security Task Manager
2018-05-18 23:37:41 ----D---- C:\Users\Dado\AppData\Roaming\Transport Fever
2018-05-17 20:33:54 ----A---- C:\WINDOWS\system32\avgBoot.exe
2018-05-15 14:01:19 ----D---- C:\Program Files (x86)\Kalypso
2018-05-14 13:45:50 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2018-05-14 13:45:50 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2018-05-14 13:45:50 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2018-05-14 13:45:50 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2018-05-08 22:22:46 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-05-08 21:11:38 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2018-05-08 21:11:38 ----A---- C:\WINDOWS\system32\WpcMon.exe
2018-05-08 21:11:38 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-05-08 21:11:37 ----A---- C:\WINDOWS\system32\Wpc.dll
2018-05-08 21:11:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-05-08 21:11:36 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-05-08 21:11:36 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-05-08 21:11:36 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-08 21:11:36 ----A---- C:\WINDOWS\system32\cdp.dll
2018-05-08 21:11:35 ----A---- C:\WINDOWS\SYSWOW64\ninput.dll
2018-05-08 21:11:35 ----A---- C:\WINDOWS\SYSWOW64\AcSpecfc.dll
2018-05-08 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-05-08 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-05-08 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-05-08 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-05-08 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-05-08 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-05-08 21:11:34 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-05-08 21:11:34 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-08 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-05-08 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-05-08 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-05-08 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-05-08 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-05-08 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-05-08 21:11:33 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-05-08 21:11:33 ----A---- C:\WINDOWS\system32\wups2.dll
2018-05-08 21:11:33 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-08 21:11:33 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-05-08 21:11:33 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-05-08 21:11:32 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-05-08 21:11:32 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-05-08 21:11:32 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-05-08 21:11:32 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2018-05-08 21:11:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-05-08 21:11:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-05-08 21:11:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-05-08 21:11:31 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-05-08 21:11:30 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\system32\tquery.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-05-08 21:11:30 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-05-08 21:11:30 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-05-08 21:11:29 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-05-08 21:11:29 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-05-08 21:11:29 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-05-08 21:11:29 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-05-08 21:11:29 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-05-08 21:11:28 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-05-08 21:11:28 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-05-08 21:11:28 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-05-08 21:11:27 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-05-08 21:11:27 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-05-08 21:11:27 ----A---- C:\WINDOWS\system32\gameux.dll
2018-05-08 21:11:26 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-05-08 21:11:26 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\system32\TSpkg.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\system32\netlogon.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-05-08 21:11:25 ----A---- C:\WINDOWS\system32\credssp.dll
2018-05-08 21:11:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-05-08 21:11:24 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2018-05-08 21:11:24 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-05-08 21:11:23 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-05-08 21:11:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2018-05-08 21:11:23 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2018-05-08 21:11:23 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2018-05-08 21:11:23 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-05-08 21:11:23 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-05-08 21:11:23 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-08 21:11:23 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2018-05-08 21:11:23 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-05-08 21:11:23 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2018-05-08 21:11:22 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-08 21:11:22 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-05-08 21:11:22 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-05-08 21:11:21 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-05-08 21:11:21 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-05-08 21:11:21 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-05-08 21:11:21 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-05-08 21:11:20 ----A---- C:\WINDOWS\system32\msisip.dll
2018-05-08 21:11:20 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-05-08 21:11:20 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-05-08 21:11:20 ----A---- C:\WINDOWS\system32\imgutil.dll
2018-05-08 21:11:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-05-08 21:11:19 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-05-08 21:11:19 ----A---- C:\WINDOWS\system32\jscript.dll
2018-05-08 21:11:19 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-08 21:11:19 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-05-08 21:11:19 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-05-08 21:11:19 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-05-08 21:11:19 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-05-08 21:11:19 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-05-08 21:11:18 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-05-08 21:11:18 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-05-08 21:11:18 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-05-08 21:11:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-05-08 21:11:18 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-05-08 21:11:18 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-05-08 21:11:18 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-05-08 21:11:17 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-08 21:11:17 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-08 21:11:17 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-05-08 21:11:16 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2018-05-08 21:11:16 ----A---- C:\WINDOWS\system32\ninput.dll
2018-05-08 21:11:16 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-05-08 21:11:16 ----A---- C:\WINDOWS\system32\AcSpecfc.dll
2018-05-08 21:11:15 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-05-08 21:11:15 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-05-08 21:11:15 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-08 21:11:14 ----A---- C:\WINDOWS\system32\wininet.dll
2018-05-08 21:11:14 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-05-08 21:11:13 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-08 21:11:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-05-08 21:11:12 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-05-08 21:11:11 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-05-08 21:11:10 ----A---- C:\WINDOWS\system32\wmp.dll
2018-05-08 21:11:10 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-08 21:11:10 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-05-08 21:11:09 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-05-08 21:11:09 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-05-08 21:11:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-08 21:11:07 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2018-05-08 21:11:07 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-05-08 21:11:07 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\SYSWOW64\SettingMonitor.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-08 21:11:06 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-08 21:11:05 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-05-08 21:11:04 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2018-05-08 21:11:04 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2018-05-08 21:11:04 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-08 21:11:04 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-08 21:11:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-08 21:11:04 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2018-05-08 21:11:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-05-08 21:11:03 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-05-08 21:11:03 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2018-05-08 21:11:03 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-08 21:11:03 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-05-08 21:11:03 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-05-08 21:11:03 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2018-05-08 21:11:03 ----A---- C:\WINDOWS\system32\hgcpl.dll
2018-05-08 21:11:02 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-05-08 21:11:02 ----A---- C:\WINDOWS\system32\wldp.dll
2018-05-08 21:11:02 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-05-08 21:11:02 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-05-08 21:11:02 ----A---- C:\WINDOWS\system32\twext.dll
2018-05-08 21:11:02 ----A---- C:\WINDOWS\system32\stobject.dll
2018-05-08 21:11:02 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-05-08 21:11:01 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2018-05-08 21:11:01 ----A---- C:\WINDOWS\system32\ntshrui.dll
2018-05-08 21:11:01 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-08 21:11:01 ----A---- C:\WINDOWS\system32\comdlg32.dll
2018-05-08 21:11:00 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-05-08 21:11:00 ----A---- C:\WINDOWS\system32\twinui.dll
2018-05-08 21:11:00 ----A---- C:\WINDOWS\system32\msctf.dll
2018-05-08 21:11:00 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-05-08 21:10:59 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-08 21:10:59 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-05-08 21:10:59 ----A---- C:\WINDOWS\system32\itss.dll
2018-05-08 21:10:59 ----A---- C:\WINDOWS\system32\fontext.dll
2018-05-08 21:10:58 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-05-08 21:10:58 ----A---- C:\WINDOWS\system32\shell32.dll
2018-05-08 21:10:58 ----A---- C:\WINDOWS\explorer.exe
2018-05-08 21:10:57 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-05-08 21:10:57 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-05-08 21:10:56 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-05-08 21:10:47 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2018-05-08 21:10:47 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-08 21:10:47 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-08 21:10:46 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-08 21:10:46 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-08 21:10:44 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2018-05-08 21:10:44 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-05-08 21:10:44 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-08 21:10:44 ----A---- C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-08 21:10:43 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2018-05-08 21:10:43 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2018-05-08 21:10:43 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2018-05-08 21:10:43 ----A---- C:\WINDOWS\system32\winresume.exe
2018-05-08 21:10:43 ----A---- C:\WINDOWS\system32\winload.exe
2018-05-08 21:10:43 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-08 21:10:42 ----A---- C:\WINDOWS\system32\ci.dll
2018-05-08 21:10:41 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-08 21:10:40 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2018-05-08 21:10:40 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2018-05-08 21:10:40 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-08 21:10:40 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-08 21:10:40 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2018-05-08 21:10:40 ----A---- C:\WINDOWS\system32\authui.dll
2018-05-08 21:10:39 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2018-05-08 21:10:39 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-08 21:10:39 ----A---- C:\WINDOWS\system32\usercpl.dll
2018-05-08 21:10:39 ----A---- C:\WINDOWS\system32\themecpl.dll
2018-05-08 21:10:39 ----A---- C:\WINDOWS\system32\invagent.dll
2018-05-08 21:10:39 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\devinv.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\aepic.dll
2018-05-08 21:10:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-05-08 21:10:37 ----A---- C:\WINDOWS\system32\usocore.dll
2018-05-08 21:10:37 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-05-08 21:10:37 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-05-08 21:10:36 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2018-05-08 21:10:36 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2018-05-08 21:10:36 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-05-08 21:10:36 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-05-08 21:10:34 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-08 21:10:33 ----A---- C:\WINDOWS\system32\TransportDSA.dll
2018-05-08 21:10:33 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2018-05-08 21:10:33 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2018-05-08 21:10:33 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2018-05-08 21:10:33 ----A---- C:\WINDOWS\system32\AppVClient.exe
2018-05-08 21:10:32 ----A---- C:\WINDOWS\system32\combase.dll
2018-05-08 21:10:31 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2018-05-08 21:10:31 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-05-08 21:10:31 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2018-05-08 21:10:31 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-08 21:10:30 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-05-08 21:10:29 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll
2018-05-08 21:10:29 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-05-08 21:10:29 ----A---- C:\WINDOWS\system32\dosvc.dll
2018-05-08 21:10:28 ----A---- C:\WINDOWS\system32\mstscax.dll
2018-05-08 21:10:27 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-08 21:10:26 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2018-05-08 21:10:26 ----A---- C:\WINDOWS\system32\ShareHost.dll
2018-05-08 21:10:26 ----A---- C:\WINDOWS\system32\profsvc.dll
2018-05-08 21:10:26 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-05-08 21:10:26 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-05-08 21:10:26 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-05-08 21:10:25 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2018-05-08 21:10:25 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2018-05-08 21:10:25 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-08 21:10:25 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-08 21:10:25 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2018-05-08 21:10:25 ----A---- C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2018-05-08 21:10:25 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2018-05-08 21:10:24 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-05-08 21:10:24 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-05-08 21:10:23 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2018-05-08 21:10:23 ----A---- C:\WINDOWS\system32\oleaut32.dll
2018-05-08 21:10:23 ----A---- C:\WINDOWS\system32\Geolocation.dll
2018-05-08 21:10:23 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2018-05-08 21:10:22 ----A---- C:\WINDOWS\SYSWOW64\Wldap32.dll
2018-05-08 21:10:22 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2018-05-08 21:10:22 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2018-05-08 21:10:22 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2018-05-08 21:10:22 ----A---- C:\WINDOWS\system32\wuauclt.exe
2018-05-08 21:10:22 ----A---- C:\WINDOWS\system32\wlidprov.dll
2018-05-08 21:10:22 ----A---- C:\WINDOWS\system32\WinTypes.dll
2018-05-08 21:10:22 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2018-05-08 21:10:22 ----A---- C:\WINDOWS\system32\crypt32.dll
2018-05-08 21:10:21 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2018-05-08 21:10:21 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2018-05-08 21:10:21 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2018-05-08 21:10:21 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2018-05-08 21:10:21 ----A---- C:\WINDOWS\system32\Wldap32.dll
2018-05-08 21:10:21 ----A---- C:\WINDOWS\system32\AppResolver.dll
2018-05-08 21:10:20 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2013CustomActions.dll
2018-05-08 21:10:20 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2018-05-08 21:10:20 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2018-05-08 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2018-05-08 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.AppAgent.dll
2018-05-08 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2018-05-08 21:10:19 ----A---- C:\WINDOWS\system32\kernel32.dll
2018-05-08 21:10:19 ----A---- C:\WINDOWS\system32\domgmt.dll
2018-05-08 21:10:19 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2018-05-08 21:10:19 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2018-05-08 21:10:19 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2018-05-08 21:10:18 ----A---- C:\WINDOWS\system32\comctl32.dll
2018-05-08 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-05-08 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2018-05-08 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2018-05-08 21:10:16 ----A---- C:\WINDOWS\system32\rdpcore.dll
2018-05-08 21:10:16 ----A---- C:\WINDOWS\system32\mstsc.exe
2018-05-08 21:10:16 ----A---- C:\WINDOWS\system32\LockController.dll
2018-05-08 21:10:16 ----A---- C:\WINDOWS\system32\AssignedAccessManager.dll
2018-05-08 21:10:16 ----A---- C:\WINDOWS\HelpPane.exe
2018-05-08 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2018-05-08 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2018-05-08 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2018-05-08 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2018-05-08 21:10:15 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-08 21:10:15 ----A---- C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-08 21:10:15 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-08 21:10:15 ----A---- C:\WINDOWS\system32\credprovhost.dll
2018-05-08 21:10:15 ----A---- C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-08 21:10:15 ----A---- C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-08 21:10:15 ----A---- C:\WINDOWS\system32\catsrvut.dll
2018-05-08 21:10:14 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2018-05-08 21:10:14 ----A---- C:\WINDOWS\SYSWOW64\CredProv2faHelper.dll
2018-05-08 21:10:14 ----A---- C:\WINDOWS\SYSWOW64\CloudStorageWizard.exe
2018-05-08 21:10:14 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll
2018-05-08 21:10:14 ----A---- C:\WINDOWS\system32\schannel.dll
2018-05-08 21:10:14 ----A---- C:\WINDOWS\system32\credprovs.dll
2018-05-08 21:10:14 ----A---- C:\WINDOWS\system32\CloudNotifications.exe
2018-05-08 21:10:14 ----A---- C:\WINDOWS\system32\appidapi.dll
2018-05-08 21:10:13 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2018-05-08 21:10:13 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2018-05-08 21:10:13 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-08 21:10:13 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\SYSWOW64\shlwapi.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\system32\wsecedit.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\system32\srpapi.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\system32\shlwapi.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\system32\mssph.dll
2018-05-08 21:10:12 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-08 21:10:11 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-08 21:10:11 ----A---- C:\WINDOWS\system32\eShims.dll
2018-05-08 21:10:11 ----A---- C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-08 21:10:10 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2018-05-08 21:10:10 ----A---- C:\WINDOWS\SYSWOW64\itircl.dll
2018-05-08 21:10:10 ----A---- C:\WINDOWS\system32\itircl.dll
2018-05-08 21:10:09 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncPolicy.dll
2018-05-08 21:10:09 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2018-05-08 21:10:09 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2018-05-08 21:10:09 ----A---- C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-08 21:10:09 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-08 21:10:09 ----A---- C:\WINDOWS\system32\coredpus.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\SYSWOW64\ByteCodeGenerator.exe
2018-05-08 21:10:08 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\wincorlib.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\mssitlb.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-08 21:10:08 ----A---- C:\WINDOWS\system32\appidsvc.dll
2018-05-08 21:10:07 ----A---- C:\WINDOWS\system32\pcaevts.dll
2018-05-08 21:10:07 ----A---- C:\WINDOWS\system32\pcadm.dll
2018-05-06 22:20:23 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2018-05-06 22:20:20 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2018-05-06 22:20:20 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2018-05-06 22:20:20 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2018-05-06 22:20:15 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2018-04-25 16:23:51 ----D---- C:\Users\Dado\AppData\Roaming\11bitstudios
2018-04-25 16:23:49 ----D---- C:\ProgramData\SkidRow
2018-04-25 14:13:49 ----D---- C:\Program Files (x86)\This War of Mine
2018-04-22 13:09:02 ----D---- C:\Games

======List of files/folders modified in the last 1 month======

2018-05-19 16:38:24 ----RD---- C:\Program Files
2018-05-19 16:32:05 ----D---- C:\WINDOWS\Temp
2018-05-19 16:21:53 ----SHDC---- C:\WINDOWS\Installer
2018-05-19 16:21:52 ----HD---- C:\Config.Msi
2018-05-19 16:21:52 ----D---- C:\Program Files (x86)\Intel
2018-05-19 16:21:50 ----D---- C:\WINDOWS\system32\DriverStore
2018-05-19 16:21:49 ----D---- C:\WINDOWS\INF
2018-05-19 16:21:43 ----D---- C:\Windows
2018-05-19 16:20:26 ----HD---- C:\Program Files\WindowsApps
2018-05-19 16:20:03 ----D---- C:\WINDOWS\AppReadiness
2018-05-19 16:18:17 ----D---- C:\ProgramData\NVIDIA
2018-05-19 16:16:31 ----D---- C:\WINDOWS\DeliveryOptimization
2018-05-19 16:15:19 ----D---- C:\WINDOWS\system32\sru
2018-05-19 11:30:53 ----D---- C:\Users\Dado\AppData\Roaming\vlc
2018-05-19 11:21:03 ----D---- C:\WINDOWS\system32\SleepStudy
2018-05-19 11:02:15 ----HD---- C:\$WINDOWS.~BT
2018-05-19 10:52:20 ----DC---- C:\WINDOWS\Panther
2018-05-19 10:43:12 ----D---- C:\WINDOWS\system32\drivers
2018-05-19 00:39:55 ----HD---- C:\ProgramData
2018-05-19 00:39:46 ----RD---- C:\Program Files (x86)
2018-05-19 00:32:29 ----D---- C:\Program Files (x86)\Steam
2018-05-19 00:31:36 ----D---- C:\WINDOWS\debug
2018-05-19 00:29:58 ----D---- C:\WINDOWS\system32\Tasks
2018-05-19 00:02:32 ----D---- C:\WINDOWS\system32\config
2018-05-18 23:53:53 ----D---- C:\WINDOWS\system32\catroot2
2018-05-18 23:53:47 ----D---- C:\WINDOWS\CbsTemp
2018-05-18 23:44:42 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-05-18 23:44:26 ----D---- C:\Program Files (x86)\AVG
2018-05-18 23:44:26 ----AD---- C:\ProgramData\Avg
2018-05-18 23:36:59 ----SHD---- C:\System Volume Information
2018-05-18 22:45:06 ----D---- C:\Users\Dado\AppData\Roaming\uTorrent
2018-05-18 22:44:34 ----D---- C:\GOG Games
2018-05-18 19:44:28 ----RD---- C:\WINDOWS\Microsoft.NET
2018-05-18 19:32:06 ----D---- C:\WINDOWS\Registration
2018-05-17 20:33:55 ----D---- C:\WINDOWS\System32
2018-05-15 14:38:39 ----D---- C:\Hry
2018-05-15 06:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-05-15 03:49:34 ----D---- C:\WINDOWS\LiveKernelReports
2018-05-15 02:25:30 ----D---- C:\Program Files (x86)\Dropbox
2018-05-13 13:53:56 ----D---- C:\WINDOWS\Logs
2018-05-13 12:26:03 ----D---- C:\WINDOWS\WinSxS
2018-05-11 17:00:41 ----RSD---- C:\WINDOWS\assembly
2018-05-09 21:56:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-09 21:53:59 ----D---- C:\ProgramData\NVIDIA Corporation
2018-05-09 21:53:49 ----D---- C:\WINDOWS\SysWOW64
2018-05-09 21:51:07 ----D---- C:\Program Files\NVIDIA Corporation
2018-05-08 22:39:00 ----D---- C:\WINDOWS\rescache
2018-05-08 22:21:03 ----SHD---- C:\Boot
2018-05-08 22:16:34 ----SD---- C:\WINDOWS\SYSWOW64\DiagSvcs
2018-05-08 22:16:34 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-05-08 22:16:34 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-05-08 22:16:34 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-05-08 22:16:34 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-05-08 22:16:34 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-05-08 22:16:31 ----D---- C:\WINDOWS\system32\wbem
2018-05-08 22:16:22 ----SD---- C:\WINDOWS\system32\DiagSvcs
2018-05-08 22:16:22 ----D---- C:\WINDOWS\system32\oobe
2018-05-08 22:16:22 ----D---- C:\WINDOWS\system32\migration
2018-05-08 22:16:22 ----D---- C:\WINDOWS\system32\en-US
2018-05-08 22:16:22 ----D---- C:\WINDOWS\system32\Dism
2018-05-08 22:16:22 ----D---- C:\WINDOWS\system32\cs-CZ
2018-05-08 22:16:21 ----D---- C:\WINDOWS\system32\Boot
2018-05-08 22:16:17 ----D---- C:\WINDOWS\ShellExperiences
2018-05-08 22:16:17 ----D---- C:\WINDOWS\servicing
2018-05-08 22:16:16 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-05-08 22:16:15 ----D---- C:\WINDOWS\apppatch
2018-05-08 22:16:15 ----D---- C:\Program Files\Windows Media Player
2018-05-08 22:16:15 ----D---- C:\Program Files (x86)\Windows Media Player
2018-05-08 21:30:50 ----D---- C:\WINDOWS\system32\MRT
2018-05-08 21:28:06 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-08 21:27:54 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-05-08 21:15:03 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2018-05-08 21:14:38 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2018-05-08 21:14:31 ----A---- C:\WINDOWS\system32\jsproxy.dll
2018-04-23 12:05:23 ----D---- C:\Program Files (x86)\Bethesda Softworks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [2018-05-17 192536]
R0 avgblog;avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [2018-05-17 336848]
R0 avgbuniv;avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [2018-05-17 50776]
R0 avgRvrt;avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [2018-05-17 78352]
R0 avgVmm;avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [2018-05-17 373944]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-09-20 795640]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-09-29 293272]
R1 avgArPot;avgArPot; C:\WINDOWS\system32\drivers\avgArPot.sys [2018-05-17 189032]
R1 avgbidsdriver;avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [2018-05-17 220600]
R1 avgRdr;avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [2018-05-17 103744]
R1 avgSnx;avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [2018-05-17 1020112]
R1 avgSP;avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [2018-05-17 452904]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-03-30 59808]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2018-03-19 76192]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-03-30 8192]
R2 avgMonFlt;avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [2018-05-17 151504]
R2 avgStm;avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [2018-05-17 198368]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2018-05-06 193768]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 RfeCoSvc;RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [2016-09-29 87904]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 dtlitescsibus;@oem39.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-06-12 30264]
R3 dtliteusbbus;@oem51.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-06-12 47672]
R3 ibtusb;@oem10.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2016-10-15 180992]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igdkmd64.sys [2017-06-22 12838352]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-11-07 5428232]
R3 IntcDAud;@oem18.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-05-11 825344]
R3 iwdbus;@oem34.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-07 39920]
R3 KillerEth;@e2xw10x64.inf,%RIVET.Service.DispName%;NDIS Miniport Driver for Killer PCI-E Gigabit Ethernet Controller; C:\WINDOWS\System32\drivers\e2xw10x64.sys [2017-09-29 145920]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2018-05-18 112864]
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [2018-05-18 44768]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2018-05-18 253664]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2018-05-19 102112]
R3 MEIx64;@oem61.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-08-23 204912]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2017-09-29 7689728]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiwu.inf_amd64_7b11efeca48cd7d3\nvlddmkm.sys [2017-05-18 14456920]
R3 nvvad_WaveExtensible;@oem77.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-12-15 59240]
R3 nvvhci;@oem32.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-03-14 58816]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-05-06 33960]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-09-29 126872]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-09-29 158616]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-09-29 143768]
S3 avgHwid;avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [2018-05-17 39352]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-03-13 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-05-08 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-03-30 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-03-14 31168]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 RTSUER;@oem56.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2016-08-05 418784]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVG Antivirus;AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2018-05-17 318328]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_17b7969;Connected Devices Platform User Service_17b7969; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe [2017-06-22 604624]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2018-05-14 51024]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-08-04 640928]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2017-08-25 1659456]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2017-07-26 192200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-09-20 17976]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe [2017-06-22 406480]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-08-30 177440]
R2 Killer Network Service;Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2016-09-29 1951456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-08-30 419616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-03-27 6479136]
R2 Micro Star SCM;Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [2009-07-10 160768]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [2017-04-24 62392]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14 522688]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-03-14 469952]
R2 OneSyncSvc_17b7969;Sync Host_17b7969; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-08-04 157600]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2015-12-02 743616]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2018-05-17 7670672]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe [2017-06-22 388560]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-01-20 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_17b7969;Contact Data_17b7969; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-01-20 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-10 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-01-20 143144]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_17b7969;DevicesFlow_17b7969; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-05-03 86016]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-04-24 1471168]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-10 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-07-27 987432]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_17b7969;MessagingService_17b7969; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-08-04 268704]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14 522688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_17b7969;PrintWorkflow_17b7969; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-01-20 4329952]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-05-03 819096]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

hotovo

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-18.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-19-2018
# Duration: 00:00:36
# OS: Windows 10 Pro
# Scanned: 40905
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Toto je OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Dado (administrator) on NOTEBOOK (19-05-2018 19:44:44)
Running from C:\Users\Dado\Desktop
Loaded Profiles: Dado (Available Profiles: Dado)
Platform: Windows 10 Pro Version 1709 16299.431 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(forum.viry.cz) C:\Users\Dado\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9050632 2016-11-07] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [SCM] => c:\Program Files (x86)\SCM\SCM.exe [301848 2016-10-07] ()
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-05-17] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3920552 2015-05-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-14] (Dropbox, Inc.)
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334016 2018-05-10] (Piriform Ltd)
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {4f8973c1-4f23-11e7-9782-4ccc6a851290} - "G:\setup.exe"
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {4f8973e7-4f23-11e7-9782-4ccc6a851290} - "G:\Autorun\autorun.exe"
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {e58e7e69-2825-11e8-97cd-4ccc6a851290} - "F:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-06-10]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3c586c7b-2843-4fad-8407-c74ef0807ebc}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default [2018-05-19]
CHR Extension: (Prezentace) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-10]
CHR Extension: (YouTube) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-10]
CHR Extension: (Tabulky) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-10]
CHR Extension: (Chrome Media Router) - C:\Users\Dado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-01]
CHR Profile: C:\Users\Dado\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-19]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [318328 2018-05-17] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-17] (AVG Technologies CZ, s.r.o.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-20] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-05-14] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-08-25] (Foxit Software Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation)
R2 Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [1951456 2016-09-29] (Rivet Networks)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [62392 2017-04-24] (Micro-Star INT'L CO., LTD.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2018-01-20] (Microsoft Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189032 2018-05-17] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [220600 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [192536 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [336848 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [50776 2018-05-17] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-05-17] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [151504 2018-05-17] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [103744 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [78352 2018-05-17] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1020112 2018-05-17] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [452904 2018-05-17] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [198368 2018-05-17] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [373944 2018-05-17] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-12] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-12] (Disc Soft Ltd)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [180992 2016-10-15] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiwu.inf_amd64_7b11efeca48cd7d3\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-14] (NVIDIA Corporation)
R2 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [87904 2016-09-29] (Rivet Networks, LLC.)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-05] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-05-06] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-19 19:44 - 2018-05-19 19:50 - 000017861 _____ C:\Users\Dado\Desktop\FRST.txt
2018-05-19 19:40 - 2018-05-19 19:41 - 000112640 _____ (forum.viry.cz) C:\Users\Dado\Desktop\FRSTLauncher.exe
2018-05-19 19:22 - 2018-05-19 19:23 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-19 18:33 - 2018-05-19 19:03 - 000003540 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2018-05-19 18:17 - 2018-05-19 18:20 - 000000000 ____D C:\AdwCleaner
2018-05-19 18:17 - 2018-05-19 18:17 - 007271632 _____ (Malwarebytes) C:\Users\Dado\Desktop\adwcleaner_7.1.1.exe
2018-05-19 16:38 - 2018-05-19 16:38 - 000000000 ____D C:\rsit
2018-05-19 16:38 - 2018-05-19 16:38 - 000000000 ____D C:\Program Files\trend micro
2018-05-19 16:28 - 2018-05-19 16:28 - 001222144 _____ C:\Users\Dado\Desktop\RSITx64.exe
2018-05-19 16:23 - 2018-05-19 16:34 - 1310903336 _____ C:\Users\Dado\Downloads\ROBINSON-CRUSOE-dobrodružný-avi-cz-(Xvid-High-720x404)-DERKEN.avi
2018-05-19 10:04 - 2018-05-19 10:04 - 000000000 ____D C:\Windows.old
2018-05-19 01:04 - 2018-05-19 19:44 - 000000000 ____D C:\FRST
2018-05-19 01:04 - 2018-05-19 01:04 - 002413056 _____ (Farbar) C:\Users\Dado\Desktop\FRST64.exe
2018-05-19 00:39 - 2018-05-19 16:19 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-05-19 00:39 - 2018-05-19 00:39 - 002997200 _____ C:\Users\Dado\Downloads\SecurityTaskManager_Setup.exe
2018-05-19 00:39 - 2018-05-19 00:39 - 000001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2018-05-19 00:39 - 2018-05-19 00:39 - 000001220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2018-05-19 00:39 - 2018-05-19 00:39 - 000001208 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2018-05-19 00:39 - 2018-05-19 00:39 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-05-19 00:33 - 2018-05-19 00:34 - 000044430 _____ C:\Users\Dado\Documents\cc_20180519_003346.reg
2018-05-19 00:29 - 2018-05-19 00:29 - 015813432 _____ (Piriform Ltd) C:\Users\Dado\Downloads\ccsetup542 (1).exe
2018-05-18 23:37 - 2018-05-19 00:56 - 000000000 ____D C:\Users\Dado\AppData\Roaming\Transport Fever
2018-05-18 23:37 - 2018-05-18 23:37 - 000001756 _____ C:\Users\Public\Desktop\Transport Fever.lnk
2018-05-18 23:37 - 2018-05-18 23:37 - 000000000 ____D C:\Users\Dado\AppData\Local\GOG.com
2018-05-18 23:37 - 2018-05-18 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transport Fever [GOG.com]
2018-05-18 21:24 - 2018-05-18 21:50 - 000000000 ____D C:\Users\Dado\Downloads\Transport Fever v15313 (20482) [GOG]
2018-05-18 21:24 - 2018-05-18 21:24 - 000015391 _____ C:\Users\Dado\Downloads\[CzT]Transport_Fever_v_15313_2016_CZ_.torrent
2018-05-17 20:33 - 2018-05-17 20:32 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2018-05-17 20:31 - 2018-05-17 20:43 - 1468657664 _____ C:\Users\Dado\Downloads\Trosecnik cz.avi
2018-05-15 14:36 - 2018-05-15 14:36 - 000000000 ____D C:\Users\Dado\Downloads\Jagged.Alliance.Back.in.Action.v1.13b.Update.Draxxus.DLC-SKIDROW
2018-05-15 14:28 - 2018-05-15 14:33 - 716075477 _____ C:\Users\Dado\Downloads\Jagged.Alliance.Back.in.Action.v1.13b.Update.Draxxus.DLC-SKIDROW.rar
2018-05-15 14:01 - 2018-05-15 14:01 - 000000000 ____D C:\Program Files (x86)\Kalypso
2018-05-15 02:24 - 2018-05-15 02:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-14 13:45 - 2018-05-14 13:45 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-05-14 13:45 - 2018-05-14 13:45 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-05-14 13:45 - 2018-05-14 13:45 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-05-14 13:45 - 2018-05-14 13:45 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-05-13 15:42 - 2018-05-13 15:44 - 000000000 ____D C:\Users\Dado\Desktop\Huricane factory
2018-05-13 13:00 - 2018-05-13 13:07 - 1131028014 _____ C:\Users\Dado\Downloads\Okresní přebor-Poslední zápas Pepika Hnátka-česká komedie 2012.avi
2018-05-11 20:49 - 2018-05-15 13:06 - 000000000 ____D C:\Users\Public\Documents\Jagged Alliance - Back in Action
2018-05-09 21:51 - 2018-05-09 21:51 - 000004088 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 22:22 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-08 22:22 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-08 21:11 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-08 21:11 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-08 21:11 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-08 21:11 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-08 21:11 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-08 21:11 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-08 21:11 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-08 21:11 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-08 21:11 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-08 21:11 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-08 21:11 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-08 21:11 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-08 21:11 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-08 21:11 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-08 21:11 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-08 21:11 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-08 21:11 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-08 21:11 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-08 21:11 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-08 21:11 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-08 21:11 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-08 21:11 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-08 21:11 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-08 21:11 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-08 21:11 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-08 21:11 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-08 21:11 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-08 21:11 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-08 21:11 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-08 21:11 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-08 21:11 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-08 21:11 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-08 21:11 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-08 21:11 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-08 21:11 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-08 21:11 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-08 21:11 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-08 21:11 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-08 21:11 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-08 21:11 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-08 21:11 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-08 21:11 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-08 21:11 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-08 21:11 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-08 21:11 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-08 21:11 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-08 21:11 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-08 21:11 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-08 21:11 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-08 21:11 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-08 21:11 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-08 21:11 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-08 21:11 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-08 21:11 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-08 21:11 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-08 21:11 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-08 21:11 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-08 21:11 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-08 21:11 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-08 21:11 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-08 21:11 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-08 21:11 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-08 21:11 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-08 21:11 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-08 21:11 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-08 21:11 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-08 21:11 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-08 21:11 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-08 21:11 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-08 21:11 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-08 21:11 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-08 21:11 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-08 21:11 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-08 21:11 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-08 21:11 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-08 21:11 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-08 21:11 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-08 21:11 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-08 21:11 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-08 21:11 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-08 21:11 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-08 21:11 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-08 21:11 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-08 21:11 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-08 21:11 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-08 21:11 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-08 21:11 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-08 21:11 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-08 21:11 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-08 21:11 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-08 21:11 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-08 21:11 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-08 21:11 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-08 21:11 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-08 21:11 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-08 21:11 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-08 21:11 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-08 21:11 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-08 21:11 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-08 21:11 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-08 21:11 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-08 21:11 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-08 21:11 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-08 21:11 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-08 21:11 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-08 21:11 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-08 21:11 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-08 21:11 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-08 21:11 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-08 21:11 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-08 21:11 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-08 21:11 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-08 21:11 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-08 21:11 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-08 21:11 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-08 21:11 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-08 21:11 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-08 21:11 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-08 21:11 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-08 21:11 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-08 21:11 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-08 21:11 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-08 21:11 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-08 21:11 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-08 21:11 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-08 21:11 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-08 21:11 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-08 21:11 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-08 21:11 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-08 21:11 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-08 21:11 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-08 21:11 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-08 21:11 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-08 21:11 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-08 21:11 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-08 21:11 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-08 21:11 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-08 21:11 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-08 21:11 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-08 21:11 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-08 21:11 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-08 21:11 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-08 21:11 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-08 21:11 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-08 21:11 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-08 21:11 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-08 21:11 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-08 21:11 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-08 21:11 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-08 21:11 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-08 21:11 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-08 21:11 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-08 21:11 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-08 21:11 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-08 21:11 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-08 21:10 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-08 21:10 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-08 21:10 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-08 21:10 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-08 21:10 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-08 21:10 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-08 21:10 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-08 21:10 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-08 21:10 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-08 21:10 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-08 21:10 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-08 21:10 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-08 21:10 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-08 21:10 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-08 21:10 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-08 21:10 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-08 21:10 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-08 21:10 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-08 21:10 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-08 21:10 - 2018-05-03 09:36 - 000397728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-05-08 21:10 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-08 21:10 - 2018-05-03 09:35 - 001628064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-05-08 21:10 - 2018-05-03 09:35 - 000831392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-05-08 21:10 - 2018-05-03 09:35 - 000645536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-05-08 21:10 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-08 21:10 - 2018-05-03 09:32 - 000744864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-05-08 21:10 - 2018-05-03 09:32 - 000670104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-05-08 21:10 - 2018-05-03 09:32 - 000231328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-05-08 21:10 - 2018-05-03 09:31 - 001420704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-05-08 21:10 - 2018-05-03 09:30 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-05-08 21:10 - 2018-05-03 09:30 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-05-08 21:10 - 2018-05-03 09:30 - 000813984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-05-08 21:10 - 2018-05-03 09:30 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-05-08 21:10 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-08 21:10 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-08 21:10 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-08 21:10 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-08 21:10 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-08 21:10 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-08 21:10 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-08 21:10 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-08 21:10 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-08 21:10 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-08 21:10 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-08 21:10 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-08 21:10 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-08 21:10 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-08 21:10 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-08 21:10 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-08 21:10 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-08 21:10 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-08 21:10 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-08 21:10 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-08 21:10 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-08 21:10 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-08 21:10 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-08 21:10 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-08 21:10 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-08 21:10 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-08 21:10 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-08 21:10 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-08 21:10 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-08 21:10 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-08 21:10 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-08 21:10 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-08 21:10 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-08 21:10 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-08 21:10 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-08 21:10 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-08 21:10 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-08 21:10 - 2018-04-15 23:36 - 002376088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2018-05-08 21:10 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-08 21:10 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-08 21:10 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-08 21:10 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-08 21:10 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-08 21:10 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-08 21:10 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-08 21:10 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-08 21:10 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-08 21:10 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-08 21:10 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-08 21:10 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-08 21:10 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-08 21:10 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-08 21:10 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-08 21:10 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-08 21:10 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-08 21:10 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-08 21:10 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-08 21:10 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-08 21:10 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-08 21:10 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-08 21:10 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-08 21:10 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-08 21:10 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-08 21:10 - 2018-04-15 22:33 - 001623960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2018-05-08 21:10 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-08 21:10 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-08 21:10 - 2018-04-15 22:14 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2018-05-08 21:10 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-08 21:10 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-08 21:10 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-08 21:10 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-08 21:10 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-08 21:10 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-08 21:10 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-08 21:10 - 2018-04-15 22:12 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2018-05-08 21:10 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-08 21:10 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-08 21:10 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-08 21:10 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-08 21:10 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-08 21:10 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-08 21:10 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-08 21:10 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-08 21:10 - 2018-04-15 22:09 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2018-05-08 21:10 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-08 21:10 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-08 21:10 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-08 21:10 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-08 21:10 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-08 21:10 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-08 21:10 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-08 21:10 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-08 21:10 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-08 21:10 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-08 21:10 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-08 21:10 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-08 21:10 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-08 21:10 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-08 21:10 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-08 21:10 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-08 21:10 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-08 21:10 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-08 21:10 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-08 21:10 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-08 21:10 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-08 21:10 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-08 21:10 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-08 21:10 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-08 21:10 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-08 21:10 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-08 21:10 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-08 21:10 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-08 21:10 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-08 21:10 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-08 21:10 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-08 21:10 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-08 21:10 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-08 21:10 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-08 21:10 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-08 21:10 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-08 21:10 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-08 21:10 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-08 21:10 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-08 21:10 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-08 21:10 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-08 21:10 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-08 21:10 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-08 21:10 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-08 21:10 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-08 21:10 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-08 21:10 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-08 21:10 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-08 21:10 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-08 21:10 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-06 22:19 - 2018-05-06 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-06 16:43 - 2018-05-06 16:58 - 1666134884 _____ C:\Users\Dado\Downloads\Poslední samuraj_cz_The Last Samurai.avi
2018-05-01 22:20 - 2018-05-01 22:20 - 015813864 _____ (Piriform Ltd) C:\Users\Dado\Downloads\ccsetup542.exe
2018-04-25 16:23 - 2018-04-25 16:23 - 000000000 ____D C:\Users\Dado\AppData\Roaming\11bitstudios
2018-04-25 16:23 - 2018-04-25 16:23 - 000000000 ____D C:\ProgramData\SkidRow
2018-04-25 14:19 - 2018-04-25 14:34 - 2224074968 _____ C:\Users\Dado\Downloads\Sci-Fi-Armagedon-cz.avi
2018-04-25 14:15 - 2018-04-25 14:15 - 000001176 _____ C:\Users\Public\Desktop\This War of Mine.lnk
2018-04-25 14:15 - 2018-04-25 14:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\This War of Mine
2018-04-25 14:13 - 2018-04-25 14:15 - 000000000 ____D C:\Program Files (x86)\This War of Mine
2018-04-25 12:48 - 2018-04-25 12:51 - 000000000 ____D C:\Users\Dado\Downloads\This War of Mine (CZ)
2018-04-25 12:48 - 2018-04-25 12:48 - 000018692 _____ C:\Users\Dado\Downloads\[CzT]This_War_of_Mine_2014_2015_CZ_.torrent
2018-04-22 13:09 - 2018-04-22 13:09 - 000000000 ____D C:\Games
2018-04-22 13:08 - 2018-04-22 13:08 - 004759760 _____ (Wargaming.net ) C:\Users\Dado\Downloads\WoT_internet_install_eu.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-19 19:35 - 2018-01-20 10:04 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C5253606-21AC-4288-83AF-21C1562EF0A3}
2018-05-19 19:24 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-19 19:23 - 2018-01-14 14:48 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-19 19:09 - 2017-08-01 04:48 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-19 19:05 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-19 18:58 - 2017-06-10 15:04 - 000000000 __SHD C:\Users\Dado\IntelGraphicsProfiles
2018-05-19 18:57 - 2018-01-20 10:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-19 18:56 - 2018-01-20 09:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-19 18:53 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-19 18:23 - 2018-01-20 17:01 - 000000922 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-05-19 18:23 - 2018-01-20 17:01 - 000000918 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-05-19 18:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
2018-05-19 18:18 - 2017-06-10 22:07 - 000000000 ____D C:\Users\Dado\AppData\Roaming\vlc
2018-05-19 17:34 - 2018-01-20 10:02 - 000026673 _____ C:\WINDOWS\diagwrn.xml
2018-05-19 17:34 - 2018-01-20 10:02 - 000026673 _____ C:\WINDOWS\diagerr.xml
2018-05-19 16:21 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-19 16:21 - 2017-08-01 04:47 - 000000000 ____D C:\Program Files (x86)\Intel
2018-05-19 16:20 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-19 16:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-19 16:15 - 2018-01-20 10:04 - 000004278 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-05-19 09:38 - 2018-01-20 17:01 - 000003982 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-19 09:38 - 2018-01-20 17:01 - 000003750 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-19 00:32 - 2017-06-10 14:31 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-19 00:31 - 2017-06-10 22:53 - 000000000 ____D C:\Users\Dado\AppData\Local\CrashDumps
2018-05-19 00:29 - 2018-01-20 10:04 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-05-19 00:29 - 2017-06-10 21:57 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-18 23:49 - 2017-06-11 21:05 - 000000000 ____D C:\Users\Dado\AppData\Local\Avg
2018-05-18 23:44 - 2017-08-01 04:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-05-18 23:44 - 2017-06-11 21:07 - 000000000 ____D C:\Program Files (x86)\AVG
2018-05-18 23:44 - 2017-06-11 21:05 - 000000000 ____D C:\ProgramData\Avg
2018-05-18 22:45 - 2017-06-11 22:44 - 000000000 ____D C:\Users\Dado\AppData\Roaming\uTorrent
2018-05-18 22:44 - 2017-06-17 21:06 - 000000000 ____D C:\GOG Games
2018-05-18 22:32 - 2017-06-11 22:46 - 000000000 ____D C:\Users\Dado\Downloads\Torrenty
2018-05-18 21:19 - 2018-01-16 01:57 - 000000000 ____D C:\Users\Dado\Documents\DAVAProject
2018-05-18 20:20 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-18 19:42 - 2018-01-20 10:04 - 000005218 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for NOTEBOOK-Dado Notebook
2018-05-17 20:56 - 2017-06-10 09:20 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-17 20:35 - 2018-01-20 10:04 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-17 20:35 - 2018-01-20 10:04 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-17 20:32 - 2017-11-15 00:01 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-05-17 20:32 - 2017-06-11 21:11 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-05-17 20:32 - 2017-06-11 21:11 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-05-17 20:32 - 2017-06-11 21:11 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-05-17 20:32 - 2017-06-11 21:11 - 000151504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-05-17 20:32 - 2017-06-11 21:11 - 000103744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-05-17 20:32 - 2017-06-11 21:11 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-05-17 20:32 - 2017-06-11 21:11 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-05-17 20:30 - 2017-06-11 21:11 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-05-17 20:30 - 2017-06-11 21:11 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-05-17 20:30 - 2017-06-11 21:11 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-05-17 20:30 - 2017-06-11 21:11 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-05-17 20:30 - 2017-06-11 21:11 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-05-15 20:25 - 2017-06-18 23:52 - 000000000 ____D C:\Users\Dado\Documents\Práce
2018-05-15 14:38 - 2018-01-27 10:01 - 000000000 ____D C:\Hry
2018-05-15 14:18 - 2017-11-11 11:38 - 000000000 ____D C:\Users\Dado\Documents\Games
2018-05-15 03:49 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-15 02:25 - 2018-01-20 17:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-11 20:49 - 2018-01-20 18:45 - 000000000 ____D C:\Users\Dado\AppData\Local\SKIDROW
2018-05-09 21:56 - 2018-01-20 18:06 - 000919764 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-09 21:56 - 2018-01-20 18:06 - 000201364 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-09 21:56 - 2018-01-20 10:02 - 002217748 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-09 21:53 - 2018-01-20 10:04 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-09 21:53 - 2018-01-20 10:04 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-09 21:53 - 2017-08-01 04:48 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-05-09 21:53 - 2017-06-10 19:14 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-05-09 21:51 - 2018-01-20 10:04 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-09 21:51 - 2017-08-01 04:47 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-09 21:50 - 2018-01-20 10:04 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-09 21:50 - 2018-01-20 10:04 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-09 21:50 - 2018-01-20 10:04 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-09 21:50 - 2018-01-20 10:04 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-05-08 22:39 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-08 22:24 - 2018-01-20 15:34 - 000000000 ___RD C:\Users\Dado\3D Objects
2018-05-08 22:24 - 2017-06-10 14:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-08 22:19 - 2018-01-20 09:31 - 000393392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-08 22:16 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-08 22:16 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-08 22:16 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-08 22:16 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-08 22:16 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-08 22:16 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-08 22:16 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-08 22:16 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-08 21:30 - 2017-06-10 10:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-08 21:28 - 2017-10-11 01:49 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-08 21:27 - 2017-06-10 10:55 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-08 21:15 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-08 21:14 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-08 21:14 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-08 21:14 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-06 22:19 - 2017-09-03 07:56 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-04 07:16 - 2017-06-10 15:09 - 000000000 ____D C:\Users\Dado\AppData\Local\NVIDIA Corporation
2018-05-03 08:59 - 2015-10-30 10:13 - 000398136 __RSH C:\bootmgr
2018-05-01 16:35 - 2018-01-20 10:04 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2676326611-3279175106-2647828312-1001
2018-05-01 16:35 - 2017-06-10 14:55 - 000002388 _____ C:\Users\Dado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-01 16:35 - 2017-06-10 14:55 - 000000000 ___RD C:\Users\Dado\OneDrive
2018-04-23 12:05 - 2017-06-12 06:18 - 000000000 ____D C:\Program Files (x86)\Bethesda Softworks
2018-04-23 11:53 - 2018-01-27 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2018-04-22 13:09 - 2017-07-22 06:43 - 000000810 _____ C:\Users\Dado\Desktop\World of Tanks.lnk
2018-04-22 13:09 - 2017-07-22 06:43 - 000000000 ____D C:\Users\Dado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks

==================== Files in the root of some directories =======

2017-07-13 19:07 - 2017-12-19 15:26 - 000009216 _____ () C:\Users\Dado\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Dado\Desktop" je 1930 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {4f8973c1-4f23-11e7-9782-4ccc6a851290} - "G:\setup.exe"
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {4f8973e7-4f23-11e7-9782-4ccc6a851290} - "G:\Autorun\autorun.exe"
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {e58e7e69-2825-11e8-97cd-4ccc6a851290} - "F:\HiSuiteDownLoader.exe"
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Dado\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Dado\Desktop" je 1930 MB.

To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Dado novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

provedeno

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Dado (19-05-2018 20:19:53) Run:1
Running from C:\Users\Dado\Desktop
Loaded Profiles: Dado (Available Profiles: Dado)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {4f8973c1-4f23-11e7-9782-4ccc6a851290} - "G:\setup.exe"
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {4f8973e7-4f23-11e7-9782-4ccc6a851290} - "G:\Autorun\autorun.exe"
HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\...\MountPoints2: {e58e7e69-2825-11e8-97cd-4ccc6a851290} - "F:\HiSuiteDownLoader.exe"
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Dado\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f8973c1-4f23-11e7-9782-4ccc6a851290}" => removed successfully
HKLM\Software\Classes\CLSID\{4f8973c1-4f23-11e7-9782-4ccc6a851290} => not found
"HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f8973e7-4f23-11e7-9782-4ccc6a851290}" => removed successfully
HKLM\Software\Classes\CLSID\{4f8973e7-4f23-11e7-9782-4ccc6a851290} => not found
"HKU\S-1-5-21-2676326611-3279175106-2647828312-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e58e7e69-2825-11e8-97cd-4ccc6a851290}" => removed successfully
HKLM\Software\Classes\CLSID\{e58e7e69-2825-11e8-97cd-4ccc6a851290} => not found
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Dado\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 118422849 B
Java, Flash, Steam htmlcache => 133633031 B
Windows/system/drivers => 37109 B
Edge => 13908 B
Chrome => 372277911 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3282 B
NetworkService => 0 B
Dado => 26785554 B

RecycleBin => 0 B
EmptyTemp: => 631 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:20:52 ====

myslím, že problém je vyřešen, nyní mám vytíženost disku na 7%.
Děkuji strašně moc za pomoc, posílám příspěvek

Měl jste tam víceméně zbytečnosti. Za příspěvek děkujeme a vy nemáte zač!